forwarded 372115 [email protected] tag 372115 upstream thanks Hi Olivier,
Olivier Bornet [2006-06-08 12:30 +0200]:
> using version 7.4.7-6sarge2 of postgresql-contrib cause trouble in
> database replication using /usr/lib/postgresql/bin/DBMirror.pl
Thanks for your report. I forwarded it upstream since I'm unsure how
to fix it properly (and I never used DBMirror myself).
> The problem I have found is if there is a ' character (the single quote)
> in the data. In this case, the single quote (') is replaced by two
> single quotes ('') in the table PendingData. This cause the replication
> process to stop with a message "Error in PendingData Sequence Id XXX".
Actually escaping a quote (') with '' instead of \' is one of the key
changes of this security update, since \' is prone to an SQL injection
attack in some cases. Your patch essentialy reverts that, so I think
it is not the correct solution. Let's hope that upstream has a better
idea.
Glad to know you found a workaround for now, though.
Thanks,
Martin
--
Martin Pitt http://www.piware.de
Ubuntu Developer http://www.ubuntu.com
Debian Developer http://www.debian.org
In a world without walls and fences, who needs Windows and Gates?
signature.asc
Description: Digital signature
