On Thu, Jan 14, 2010 at 8:46 PM, Robert Haas <robertmh...@gmail.com> wrote: > I have yet to fully review the code but on a quick glance it looks reasonable.
On further review, it looks less reasonable. :-( The new PQescapeIdentConn function is basically a cut-up version of PQescapeStringInternal, which seems like a reasonable foundation, but it rips out a little too much - specifically: 1. the length argument, 2. the size_t return value, 3. the portion of the handling for incomplete multibyte characters that prevents us from overrunning the output buffer on a maliciously constructed (or unlucky) input string, and 4. some relevant comments. I'm inclined to think we should put all of that stuff back, but certainly #3 at a minimum. ...Robert -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
