Re: patch (for 9.1) string functions - Mailing list pgsql-hackers

From Pavel Stehule
Subject Re: patch (for 9.1) string functions
Date
Msg-id AANLkTi=qb5G4HwkagzWo4Yvbs_6-d07G79tFE6=bVoQC@mail.gmail.com
Whole thread Raw
In response to Re: patch (for 9.1) string functions  (Itagaki Takahiro <itagaki.takahiro@gmail.com>)
Responses Re: patch (for 9.1) string functions
List pgsql-hackers
Hello

2010/7/23 Itagaki Takahiro <itagaki.takahiro@gmail.com>:
> I'm reviewing contrib part of the string functions patch.
>
> I found an issue in sprintf() to print integer values. In this case,
> 'l' (for long type) is used on *all* platforms. For example,
>  SELECT sprintf('%d', 10);
> internally uses
>  appendStringInfo('%ld', (int64) 10)
>

> But there are some platform that requires to use %lld for int64 format, probably
> on Windows. That's why we have INT64_FORMAT macro. sprintf() needs to be
> adjusted to use INT64_FORMAT or similar portable codes.
>

fixed - it depends on INT64_FORMAT now.

> Other portion of the patch seems to be OK for me,
> unless you have still some idea to extend the feature.
>
> 2010/7/17 Pavel Stehule <pavel.stehule@gmail.com>:
>> I have a one idea nonstandard enhancing of sprintf - relatie often job
>> is a quoting in PostgreSQL. So sprintf should have a special formats
>> for quoted values. What do you think about
>>
>> %lq ... literal quoted
>> %iq ... ident quoted
>
> They save some keyboard types to write quote_literal() and quote_ident(), right?
> They seem to be useful and reasonable for me. One comment is that you might
> want to print NULL values as "NULL" instead of "<NULL>" in such cases.
>

NULL is showed as NULL for literal quoting and when ident quoting is
used, then exception is raised.

Maybe last rule is too hard, but it should be a protection before SQL
injection via mal formated SQL

Regards

Pavel

> --
> Itagaki Takahiro
>

Attachment

pgsql-hackers by date:

Previous
From: Markus Wanner
Date:
Subject: Re: bg worker: overview
Next
From: Dimitri Fontaine
Date:
Subject: Re: bg worker: overview