Home > mailing lists

Re: pgsql: Add new escaping functions PQescapeLiteral and - Mailing list pgsql-committers

From	Tom Lane
Subject	Re: pgsql: Add new escaping functions PQescapeLiteral and
Date	January 21, 2010 16:37:39
Msg-id	10384.1264095443@sss.pgh.pa.us Whole thread Raw
In response to	pgsql: Add new escaping functions PQescapeLiteral and (rhaas@postgresql.org (Robert Haas))
Responses	Re: pgsql: Add new escaping functions PQescapeLiteral and
List	pgsql-committers

Tree view

rhaas@postgresql.org (Robert Haas) writes:
> Add new escaping functions PQescapeLiteral and PQescapeIdentifier.

Minor gripe: this loop test is unsafe:

+     /* Scan the string for characters that must be escaped. */
+     for (s = str; *s != '\0' && (s - str) < len; ++s)

Should check len first, else you might be fetching a byte that isn't
there.

On a stylistic level, shouldn't as_ident be declared bool not int?

            regards, tom lane

pgsql-committers by date:

From: rhaas@postgresql.org (Robert Haas)
Date: 21 January 2010, 13:59:05
Subject: pgsql: Add new escaping functions PQescapeLiteral and

From: Robert Haas
Date: 21 January 2010, 16:40:10
Subject: Re: pgsql: Add new escaping functions PQescapeLiteral and

Re: pgsql: Add new escaping functions PQescapeLiteral and - Mailing list pgsql-committers

Previous

Next