Having looked closer now, I'm pretty sure you should base this patch on top of my patch: https://commitfest.postgresql.org/41/4081/ Mainly because you also need the token version of pg_role, which is one of the things my patch adds.
> if (regexp_pgrole[0] == '+') For these lines you'll need to check if the original token was quoted. If it's quoted it shouldn't use the group behaviour, and instead compare the + character as part of the literal role. > if (is_member(roleid, regexp_pgrole +1)) > if (is_member(roleid, ++map_role)) You use these two checks to do the same, so it's best if they are written consistently. > if (regexp_pgrole[0] == '+') This check can be moved before the following line and do an early return (like I do for "all" in my patch). Since if the first character is a + we know that it's not \1 and thus we don't have to worry about getting the regex match. > if ((ofs = strstr(identLine->pg_role->string, "\\1")) != NULL)