Re: [HACKERS] Minor regexp bug

[Greg Stark]

On Sat, Nov 7, 2015 at 2:32 AM, Tom Lane  wrote:
> What I'm wondering about is whether to back-patch this.  It's possible
> that people have written patterns like this and not realized that they
> aren't doing quite what's expected.  Getting a failure instead might not
> be desirable in a minor release.  On the other hand, wrong answers are
> wrong answers.


I would say wrong answers are wrong answers. It's hard to believe
there are many people doing this but if they are they're certainly
expecting the look-ahead to actually test that it's looking at the
same thing as the capturing parens. It might even be something
security-critical like parsing an connection string or something like
that. I can't see it's doing people any favours to let their code
continue doing something unexpected to avoid new errors.

-- 
greg


-- 
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

Re: [HACKERS] Minor regexp bug

[Tom Lane]

Joe Conway  writes:
> On 11/07/2015 07:12 AM, Greg Stark wrote:
>> On Sat, Nov 7, 2015 at 2:32 AM, Tom Lane  wrote:
>>> What I'm wondering about is whether to back-patch this.

>> I would say wrong answers are wrong answers.

> +1

Hearing no objections, done.

regards, tom lane


-- 
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

Re: [HACKERS] Minor regexp bug

[Joe Conway]

On 11/07/2015 07:12 AM, Greg Stark wrote:
> On Sat, Nov 7, 2015 at 2:32 AM, Tom Lane  wrote:
>> What I'm wondering about is whether to back-patch this.  It's possible
>> that people have written patterns like this and not realized that they
>> aren't doing quite what's expected.  Getting a failure instead might not
>> be desirable in a minor release.  On the other hand, wrong answers are
>> wrong answers.
> 
> 
> I would say wrong answers are wrong answers. It's hard to believe
> there are many people doing this but if they are they're certainly
> expecting the look-ahead to actually test that it's looking at the
> same thing as the capturing parens. It might even be something
> security-critical like parsing an connection string or something like
> that. I can't see it's doing people any favours to let their code
> continue doing something unexpected to avoid new errors.

+1


-- 
Crunchy Data - http://crunchydata.com
PostgreSQL Support for Secure Enterprises
Consulting, Training, & Open Source Development



signature.asc
Description: OpenPGP digital signature

Re: [HACKERS] Minor regexp bug

[David G. Johnston]

On Fri, Nov 6, 2015 at 7:32 PM, Tom Lane  wrote:

> What I'm wondering about is whether to back-patch this.  It's possible
> that people have written patterns like this and not realized that they
> aren't doing quite what's expected.  Getting a failure instead might not
> be desirable in a minor release.  On the other hand, wrong answers are
> wrong answers.
>

​I'd vote to back-patch this.  The unscientific reason on my end is that I
suspect very few patterns in the wild would be affected and furthermore any
using such patterns is likely to be in a position to change it match the
existing behavior by replace the "(\1)" with the corresponding "(\w)" as
you used in you example.  We should probably suggest just that in the
release notes.  It is not a strongly held position and my first reaction
was that introducing an error should be avoided.  But regular expressions
are tricky enough to get right when the engine does what you tell it...

David J.
​