Rudy Lippan wrote: > The docs for PQescapeString say that it, 'writes an escaped version of the > from string to the to buffer replacing special characters so that they > cannot cause any harm', but it seems to ignore any \0 characters > in the input, so if I do a > > phs->quoted_len = PQescapeString(phs->quoted, data, len); > ... > memcpy(sendbuff, phs->quoted, phs->quoted_len); > > I will get an '\0' in sendbuff? > > Is that right? The docs say that PGescapeString is for handling untrusted > data from the user, so is it still the application's responsibilty to > handle the \0 (and any other binary data) before passing it to > PQescapeString?
PQescapeString is not for binary data, only for text string, escaping quotes and backslashes and stuff like that. The only binary one is PQescapeBytea(). -- Bruce Momjian | http://candle.pha.pa.us [EMAIL PROTECTED] | (610) 359-1001 + If your life is a hard drive, | 13 Roberts Road + Christ can be your backup. | Newtown Square, Pennsylvania 19073
