Tom Lane wrote:
> Bruce Momjian <> writes:
> > The attached patch fixes the warning you received by adding E'' strings
> > to the \copy arguments, and adds it for the other backslash commands
> > like \d.
> Further comment on this: I don't think we want all these places
> individually making this sort of decision.  What they should all be
> doing is using appendStringLiteralConn to generate the properly-quoted
> literal.  (I fixed this already in describe.c, but not in those other
> places.)

Yes, I think so.

> Once we've got that done, we could argue about whether appendStringLiteral
> ought to prepend an E to silence escape_string_warning.  I'd still vote
> no, but at least it would be a single place to change and not N of 'em.
> What's more, each place that is generating a variable literal without
> using appendStringLiteral or PQescapeString is at least potentially
> vulnerable to encoding issues, and so we should probably convert them
> anyway.

True.  See the email I just sent about escape_string_warning.  FYI, we
are finding these places because of escape_string_warning.  Do we trust
users to turn that on and test before standard_conforming_strings
becomes true.  One big problem is that people are having to use E'' if
they want to keep using backslashes, even if they have already tested
standard_conforming_strings.  One nice thing about E'' is that it works
no matter what the value of standard_conforming_strings is.

  Bruce Momjian

  + If your life is a hard drive, Christ can be your backup. +

---------------------------(end of broadcast)---------------------------
TIP 2: Don't 'kill -9' the postmaster

Reply via email to