Excerpts from Heikki Linnakangas's message of jue ene 26 15:58:58 -0300 2012:
> On 26.01.2012 17:31, Tom Lane wrote:
> > The idea that occurs to me is to have the code that uses the GUC do a
> > verify_mbstr(noerror) on it, and silently ignore it if it doesn't pass
> > (maybe with a LOG message). This would have to be documented of course,
> > but it seems better than the potential consequences of trying to send a
> > wrongly-encoded string.
>
> Hmm, fine with me. It would be nice to plug the hole that these bogus
> characters can leak elsewhere into the system through current_setting,
> though. Perhaps we could put the verify_mbstr() call somewhere in guc.c,
> to forbid incorrectly encoded characters from being stored in the guc
> variable in the first place.
This patch is listed as "Needs review" but that seems to be wrong --
it's "waiting on author", I think. Do we have an updated patch? Fujii?
--
Álvaro Herrera <alvherre@commandprompt.com>
The PostgreSQL Company - Command Prompt, Inc.
PostgreSQL Replication, Consulting, Custom Development, 24x7 support
