Excerpts from Heikki Linnakangas's message of jue ene 26 15:58:58 -0300 2012: > On 26.01.2012 17:31, Tom Lane wrote:
> > The idea that occurs to me is to have the code that uses the GUC do a > > verify_mbstr(noerror) on it, and silently ignore it if it doesn't pass > > (maybe with a LOG message). This would have to be documented of course, > > but it seems better than the potential consequences of trying to send a > > wrongly-encoded string. > > Hmm, fine with me. It would be nice to plug the hole that these bogus > characters can leak elsewhere into the system through current_setting, > though. Perhaps we could put the verify_mbstr() call somewhere in guc.c, > to forbid incorrectly encoded characters from being stored in the guc > variable in the first place. This patch is listed as "Needs review" but that seems to be wrong -- it's "waiting on author", I think. Do we have an updated patch? Fujii? -- Álvaro Herrera <alvhe...@commandprompt.com> The PostgreSQL Company - Command Prompt, Inc. PostgreSQL Replication, Consulting, Custom Development, 24x7 support -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
