./psql postgres
postgres=# BEGIN;
Hi,
On Fri, Mar 28, 2025 at 8:13 PM Nathan Bossart <nathandboss...@gmail.com>
wrote:
>
> + /* Report error if dbname have newline or carriage return in name.
> */
> + if (strpbrk(dbname, "\n\r"))
> + ereport(ERROR,
> + (errcode(ERRCODE_INVALID_PARAMETER_VALUE)),
> + errmsg("database name contains a newline
> or carriage return character"),
> + errhint("newline or carriage return
> character is not allowed in database name"));
>
> I think it would be better to move this to a helper function instead of
> duplicating this code in several places.
>
agreed,we can do something like this
static void
validate_name(const char *name, const char *object_type)
{
if (strpbrk(name, "\n\r"))
ereport(ERROR,
(errcode(ERRCODE_INVALID_PARAMETER_VALUE)),
errmsg("%s name contains a newline or carriage return
character", object_type),
errhint("Newline or carriage return character is not
allowed in %s name", object_type));
}
where object_type is database or role/user name
,is src/backend/commands/define.c best to define this function?
>
> Taking a step back, are we sure that 1) this is the right place to do these
> checks and 2) we shouldn't apply the same restrictions to all names? I'm
> wondering if it would be better to add these checks to the grammar instead
> of trying to patch up all the various places they are used in the tree.
>
> hmm... need to think.
May the force be with you,
Srinath Reddy Sadipiralla
EDB: https://www.enterprisedb.com/
postgres=# COMMIT;
postgres=# \q
