Re: transformations between types and languages - Mailing list pgsql-hackers

From Tom Lane
Subject Re: transformations between types and languages
Date
Msg-id 2475.1337621630@sss.pgh.pa.us
Whole thread Raw
In response to transformations between types and languages  (Peter Eisentraut <peter_e@gmx.net>)
Responses Re: transformations between types and languages
List pgsql-hackers
Peter Eisentraut <peter_e@gmx.net> writes:
> Here is a draft design for the transforms feature, which I'd like to
> work on. ...

> fromsql takes one argument of the respective type and returns internal.
> tosql is the other way around.  It's the responsibility of the language
> handler to look up this information and use it.  The "internal" argument
> or return value will be something specific to the language
> implementation and will likely be under the memory management of the
> language handler.

This part is absolutely not gonna do, because it breaks the security
requirement that it not be possible to generate exposed "internal"
values from the SQL level.  For instance there would be no way for the
type system to forbid
plperl_to_hstore(xml_to_plpython(some_xml_value))

despite the fact that this would almost assuredly crash.  The slightly
more enterprising hacker might try using these functions to feed things
like btinsert(), leading to even more merriment.

Can we use something else for the magic type here?  Or find a way to
positively forbid such functions from being called from the SQL level?
        regards, tom lane


pgsql-hackers by date:

Previous
From: Brendan Jurd
Date:
Subject: Re: External Open Standards
Next
From: Tom Lane
Date:
Subject: Re: Why is indexonlyscan so darned slow?