On Sun, Feb 26, 2012 at 8:53 AM, Euler Taveira de Oliveira
<eu...@timbira.com> wrote:
> On 25-02-2012 09:23, Magnus Hagander wrote:
>> Do we even *need* the validate_xlog_location() function? If we just
>> remove those calls, won't we still catch all the incorrectly formatted
>> ones in the errors of the sscanf() calls? Or am I too deep into
>> weekend-mode and missing something obvious?
>>
> sscanf() is too fragile for input sanity check. Try
> pg_xlog_location_diff('12/3', '-10/0'), for example. I won't object removing
> that function if you protect xlog location input from silly users.After this patch will have been committed, it would be better to change pg_xlogfile_name() and pg_xlogfile_name_offset() so that they use the validate_xlog_location() function to validate the input. Regards, -- Fujii Masao NIPPON TELEGRAPH AND TELEPHONE CORPORATION NTT Open Source Software Center -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
