On Tue, Jan 11, 2011 at 09:24:08PM -0500, Robert Haas wrote:
> commit 6c412f0605afeb809014553ff7ad28cf9ed5526b
> Author: Tom Lane <tgl@sss.pgh.pa.us>
> Date: Sun May 1 18:56:19 2005 +0000
>
> Change CREATE TYPE to require datatype output and send functions to have
> only one argument. (Per recent discussion, the option to accept multiple
> arguments is pretty useless for user-defined types, and would be a likely
> source of security holes if it was used.) Simplify call sites of
> output/send functions to not bother passing more than one argument.
>
> ...but I don't understand the motivation behind it.
IIRC, the issue is that a type output function has to interpret a
Datum. Type output functions can also be called by users, so it is not
guarenteed that the given OID would actually match the type of the
Datum given. Hence the decision that the output function must be able
to determine itself what kind of Datum it is dealing with.
Thought experiment: the datum is an integer, but the oid says it's a
pass-by-ref datum. Now the code may now to use the integer to derefence
an arbitrary place in memory.
Have a nice day,
--
Martijn van Oosterhout <kleptog@svana.org> http://svana.org/kleptog/
> Patriotism is when love of your own people comes first; nationalism,
> when hate for people other than your own comes first.
> - Charles de Gaulle
