Home > mailing lists

pgsql: Don't pass strings directly to errdetail() and errhint() - use %s - Mailing list pgsql-committers

From	mha@postgresql.org (Magnus Hagander)
Subject	pgsql: Don't pass strings directly to errdetail() and errhint() - use %s
Date	November 20, 2008 14:36:31
Msg-id	20081120153622.C98757545A4@cvs.postgresql.org Whole thread Raw
List	pgsql-committers

Tree view

Log Message:
-----------
Don't pass strings directly to errdetail() and errhint() - use
%s to unescape them. Fixes a potential security issue (in as yet
unreleased code)

Modified Files:
--------------
    pgsql/src/pl/plpgsql/src:
        pl_exec.c (r1.224 -> r1.225)
        (http://anoncvs.postgresql.org/cvsweb.cgi/pgsql/src/pl/plpgsql/src/pl_exec.c?r1=1.224&r2=1.225)

pgsql-committers by date:

From: mha@postgresql.org (Magnus Hagander)
Date: 20 November 2008, 14:03:45
Subject: pgsql: Silence compiler warning about ignored return value.

From: Bruce Momjian
Date: 20 November 2008, 15:36:08
Subject: Re: pgsql: Make SELECT FOR UPDATE/SHARE work on inheritance trees, by having

pgsql: Don't pass strings directly to errdetail() and errhint() - use %s - Mailing list pgsql-committers

Previous

Next