Fix PQescapeLiteral()/PQescapeIdentifier() length handling
In 5dc1e42b4fa I fixed bugs in various escape functions, unfortunately as part
of that I introduced a new bug in PQescapeLiteral()/PQescapeIdentifier(). The
bug is that I made PQescapeInternal() just use strlen(), rather than taking
the specified input length into account.
That's bad, because it can lead to including input that wasn't intended to be
included (in case len is shorter than null termination of the string) and
because it can lead to reading invalid memory if the input string is not null
terminated.
Expand test_escape to this kind of bug:
a) for escape functions with length support, append data that should not be
escaped and check that it is not
b) add valgrind requests to detect access of bytes that should not be touched
Author: Tom Lane <tgl@sss.pgh.pa.us>
Author: Andres Freund <andres@anarazel.de
Reviewed-by: Tom Lane <tgl@sss.pgh.pa.us>
Reviewed-by: Noah Misch <noah@leadboat.com>
Discussion: https://postgr.es/m/Z64jD3u46gObCo1p@pryzbyj2023
Backpatch: 13
Branch
------
REL_13_STABLE
Details
-------
https://git.postgresql.org/pg/commitdiff/1f7a05324524f015a4a3a4a3fb921b11f8126051
Modified Files
--------------
src/interfaces/libpq/fe-exec.c | 4 +-
src/test/modules/test_escape/test_escape.c | 78 ++++++++++++++++++++++++++++--
2 files changed, 77 insertions(+), 5 deletions(-)
