greg@turnstep.com writes:
> Tom Lane wrote:
>>> Hm. Is that really the right behavior?
> Has we reached a consensus on this? I'd like to have DBD::Pg and
> PQescapeString consistent. Right now, we (DBD::Pg) are leaning toward
> the "bail if we hit \0" theory, but it would be nice to have something
> definitive in the API.
Ugly as it is, I think that we have little choice but to go with the
behavior Igor proposes (stop at \0). If we do the other then we will
have to raise the required size of the output buffer, which will
silently break existing apps (possibly creating security holes, even).
So essentially PQescapeString is going to become like strncpy --- stop
at either \0 or the given count.
This patch hasn't been applied as of 7.4b4 but I'll try to get it in
shortly.
regards, tom lane
