| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Andrew McNamara <andrewm(at)object-craft(dot)com(dot)au> |
| Cc: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: No sanity checking performed on binary TIME parameters. |
| Date: | 2009-05-25 14:52:41 |
| Message-ID: | 3206.1243263161@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Andrew McNamara <andrewm(at)object-craft(dot)com(dot)au> writes:
> When submitting a query via the V3 binary protocol (PQexecParams,
> paramFormats[n]=1), it appears the PostgreSQL server performs no range
> checking on the passed values.
A quick look at time_recv() shows this is true, and timetz_recv()
checks neither the time nor the zone component.
> Passing values greater than 24 hours
> results in unpredictable results (dumps that cannot be restored,
> strange output when printing the column in psql, etc).
I'm not entirely sure why we put a range limit on time values at all,
but given that we do, it'd probably be a good idea to check the range
in the recv functions. I'm inclined to fix this for 8.4, but not
back-patch because of compatibility considerations. Any objections
out there?
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2009-05-25 14:55:48 | Re: generic options for explain |
| Previous Message | Joshua Tolley | 2009-05-25 14:52:27 | Re: generic options for explain |