Itagaki Takahiro <itagaki.takah...@oss.ntt.co.jp> wrote: > pg_read_file() takes byte-offset and length as arguments, > but we don't check the result text with pg_verify_mbstr(). > Should pg_read_file() return bytea instead of text or adding > some codes to verify the input? Only superusers are allowed > to use the function, but it is still dangerous.
Here is a patch to modify the result type of pg_read_file to bytea.
I think it is a possibly-security hole -- it might be safe because only
supersusers can use the function, but it is still dangerous.
We can still use the function to read a text file:
SELECT convert_from(pg_read_file(...), 'encoding')
If we want to keep backward compatibility, the issue can be fixed
by adding pg_verifymbstr() to the function. We can also have the
binary version in another name, like pg_read_binary_file().
Which solution is better? Comments welcome.
Regards,
---
ITAGAKI Takahiro
NTT Open Source Software Center
pg_read_file_as_bytea.patch
Description: Binary data
-- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
