Home > mailing lists

Re: Re: Escaping strings for inclusion into SQL queries - Mailing list pgsql-hackers

From	Peter Eisentraut
Subject	Re: Re: Escaping strings for inclusion into SQL queries
Date	September 3, 2001 21:13:29
Msg-id	Pine.LNX.4.30.0109040016270.4304-100000@peter.localdomain Whole thread Raw
In response to	Re: Re: Escaping strings for inclusion into SQL queries (Florian Weimer <Florian.Weimer@RUS.Uni-Stuttgart.DE>)
Responses	Re: Re: Escaping strings for inclusion into SQL queries
List	pgsql-hackers

Tree view

Florian Weimer writes:

> In addition, there seems to be a bug in the treatment of "" escapes in
> identifiers. 'SELECT """";' yields the error message 'Attribute '""'
> not found ' (not '"'!) or even 'Attribute '""\' not found', depending
> on the queries executed before.

A bug indeed.

RCS file: /home/projects/pgsql/cvsroot/pgsql/src/backend/parser/scan.l,v
retrieving revision 1.88
diff -u -r1.88 scan.l
--- scan.l      2001/03/22 17:41:47     1.88
+++ scan.l      2001/09/03 22:11:46
@@ -375,7 +375,7 @@                                       return IDENT;                               }<xd>{xddouble}
{
-                                       addlit(yytext, yyleng-1);
+                                       addlit(yytext+1, yyleng-1);                               }<xd>{xdinside} {
                                 addlit(yytext, yyleng);
 
===end

-- 
Peter Eisentraut   peter_e@gmx.net   http://funkturm.homeip.net/~peter

pgsql-hackers by date:

From: "Oliver Elphick"
Date: 03 September 2001, 21:12:06
Subject: Re: Conditional operators ALL, ANY in WHERE clause

From: Tom Lane
Date: 03 September 2001, 22:10:07
Subject: Re: Re: Toast,bytea, Text -blob all confusing

Re: Re: Escaping strings for inclusion into SQL queries - Mailing list pgsql-hackers

Previous

Next