Home > mailing lists

Re: [HACKERS] Disallowing multiple queries per PQexec() - Mailing list pgsql-hackers

From	Andreas Karlsson
Subject	Re: [HACKERS] Disallowing multiple queries per PQexec()
Date	February 28, 2017 20:59:08
Msg-id	5bb41454-9773-c6c8-3cf3-29e07d030f00@proxel.se Whole thread Raw
In response to	Re: [HACKERS] Disallowing multiple queries per PQexec() (Bruce Momjian <bruce@momjian.us>)
Responses	Re: [HACKERS] Disallowing multiple queries per PQexec() (Andres Freund <andres@anarazel.de>)
List	pgsql-hackers

Tree view

On 02/28/2017 03:13 PM, Bruce Momjian wrote:
> I might have added that one; the text is:
>
>     Consider disallowing multiple queries in PQexec()
>     as an additional barrier to SQL injection attacks
>
> and it is a "consider" item.  Should it be moved to the Wire Protocol
> Changes / v4 Protocol section or removed?

A new protocol version wont solve the breakage of the C API, so I am not 
sure we can ever drop this feature other than by adding a new function 
something in the protocol to support this.

Andreas

pgsql-hackers by date:

From: Andrew Dunstan
Date: 28 February 2017, 20:40:40
Subject: Re: [HACKERS] btree_gin and btree_gist for enums

From: Aleksander Alekseev
Date: 28 February 2017, 21:05:36
Subject: Re: [HACKERS] [POC] hash partitioning

Re: [HACKERS] Disallowing multiple queries per PQexec() - Mailing list pgsql-hackers

Previous

Next