Re: pgsql 8.0 beta1 patch for token and timezone - Mailing list pgsql-bugs

From Tom Lane
Subject Re: pgsql 8.0 beta1 patch for token and timezone
Date
Msg-id 29981.1097169476@sss.pgh.pa.us
Whole thread Raw
In response to Re: pgsql 8.0 beta1 patch for token and timezone  (Bruce Momjian <pgman@candle.pha.pa.us>)
Responses Re: pgsql 8.0 beta1 patch for token and timezone
List pgsql-bugs
Bruce Momjian <pgman@candle.pha.pa.us> writes:
> + /*
> +  * Escape any single quotes or backslashes in locale
> +  */
> + static void
> + escape_locale(char **locale)
> + {
> +     int            len = strlen(*locale),
> +                 i, j;
> +     char        *loc_temp = xmalloc(len * 2);
> +
> +     for (i = 0, j = 0; i < len; i++)
> +     {
> +         if ((*locale)[i] == '\'' || (*locale)[i] == '\\')
> +             loc_temp[j++] = '\\';
> +         loc_temp[j++] = (*locale)[i];
> +     }
> +     *locale = loc_temp;
> + }

Surely this is quite broken.  You need to xmalloc one more byte and
add a '\0'.

            regards, tom lane

pgsql-bugs by date:

Previous
From: Bruce Momjian
Date:
Subject: Re: pgsql 8.0 beta1 patch for token and timezone
Next
From: Bruce Momjian
Date:
Subject: Re: pgsql 8.0 beta1 patch for token and timezone