Excerpts from Heikki Linnakangas's message of jue ene 26 15:58:58 -0300 2012:
> On 26.01.2012 17:31, Tom Lane wrote:

> > The idea that occurs to me is to have the code that uses the GUC do a
> > verify_mbstr(noerror) on it, and silently ignore it if it doesn't pass
> > (maybe with a LOG message).  This would have to be documented of course,
> > but it seems better than the potential consequences of trying to send a
> > wrongly-encoded string.
> Hmm, fine with me. It would be nice to plug the hole that these bogus 
> characters can leak elsewhere into the system through current_setting, 
> though. Perhaps we could put the verify_mbstr() call somewhere in guc.c, 
> to forbid incorrectly encoded characters from being stored in the guc 
> variable in the first place.

This patch is listed as "Needs review" but that seems to be wrong --
it's "waiting on author", I think.  Do we have an updated patch?  Fujii?

Álvaro Herrera <alvhe...@commandprompt.com>
The PostgreSQL Company - Command Prompt, Inc.
PostgreSQL Replication, Consulting, Custom Development, 24x7 support

Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:

Reply via email to