On Thu, Sep 12, 2019 at 12:19 PM Tom Lane <t...@sss.pgh.pa.us> wrote:
> After burrowing down further, it's visibly the case that
> text_cmp and varstr_cmp don't leak in the sense of actually
> reporting any part of their input strings.  What they do do,
> in some code paths, is things like
>         ereport(ERROR,
>                 (errmsg("could not convert string to UTF-16: error code %lu",
>                         GetLastError())));

Is this possible? I mean, I'm sure it could happen if the data's
corrupted, but we ought to have validated it on the way into the
database. But maybe this code path also gets used for non-Unicode

Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company

Reply via email to