On 8/22/10, Peter Eisentraut <pete...@gmx.net> wrote: > On sön, 2010-08-22 at 14:29 -0400, Tom Lane wrote: > > I just noticed that we are now advertising the ability to insert UTF16 > > surrogate pairs in strings and identifiers (see section 4.1.2.2 in > > current docs, in particular). Is this really wise? I thought that > > surrogate pairs were specifically prohibited in UTF8 strings, because > > of the security hazards implicit in having more than one way to > > represent the same code point. > > > We combine the surrogate pair components to a single code point and > encode that in UTF-8. We don't encode the components separately; that > would be wrong.
AFAICS our UTF8 validator (pg_utf8_islegal) detects and rejects such sequences, if they are inserted via any means, eg. \x Although it's not very obvious... -- marko -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
