OK, got it. Thank you very much.
------------------------------------------------------------------
发件人:Tom Lane <[email protected]>
发送时间:2022年10月18日(星期二) 00:27
收件人:qiumingcheng <[email protected]>
抄 送:Laurenz Albe <[email protected]>; Julien Rouhaud
<[email protected]>; pgsql-general <[email protected]>;
yuexingzhi <[email protected]>
主 题:Re: 回复:回复:回复:回复:A question about leakproof
"qiumingcheng" <[email protected]> writes:
> Yes, It's capable of throwing an error(timestamp out of range) , but the
> message "timestamp out of range" is not sensitive information.
Really? Whether that's true at all is a matter of opinion. There's
also the prospect that somebody could determine the value of a
supposedly-unreadable timestamp by seeing how big an interval could
be added to it without overflow. Maybe that's infeasible because of
timestamp_pl_interval not being marked leakproof, but then we're
getting into precisely the sort of conditional-on-other-assumptions
reasoning that we don't want to indulge in.
> Only from this function(timestamp_gt_timestamptz), can it be marked as
> leakproof?
Project policy is that we will not mark a function as leakproof unless
it's evident from the text of the function that it can't throw errors.
I don't see a good argument for making a exception for this one.
regards, tom lane
