Hi all,
createdb has a couple of issues with its quoting. For example take
that, which can be confusing:
$ createdb --lc-ctype="en_US.UTF-8';create table aa();select '1" popo
createdb: error: database creation failed: ERROR: CREATE DATABASE
cannot run inside a transaction block
The root of the issue is that any values added by the command caller
with --lc-collate, --lc-ctype or --encoding are not quoted properly,
and in all three cases it means that the quoting needs to be
encoding-sensitive (Tom mentioned me directly that part). This proper
quoting can be achieved using appendStringLiteralConn() from
string_utils.c, at the condition of taking the connection to the
server before building the CREATE DATABASE query.
Note that for --encoding, this is less of a problem as there is some
extra validation with pg_char_to_encoding(), but it seems better to me
to be consistent.
So this gives the patch attached, where the error becomes:
ERROR: invalid locale name: "en_US.UTF-8';create table aa();select '1"
Any opinions?
--
Michael
