On Thu, Jan 21, 2010 at 12:37 PM, Tom Lane <[email protected]> wrote: > [email protected] (Robert Haas) writes: >> Add new escaping functions PQescapeLiteral and PQescapeIdentifier. > > Minor gripe: this loop test is unsafe: > > + /* Scan the string for characters that must be escaped. */ > + for (s = str; *s != '\0' && (s - str) < len; ++s) > > Should check len first, else you might be fetching a byte that isn't > there.
Good catch. > On a stylistic level, shouldn't as_ident be declared bool not int? Stupid bool. Real programmers use int, except when they just program in assembly directly. ...Robert -- Sent via pgsql-committers mailing list ([email protected]) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-committers
