Re: possible design bug with PQescapeString()

[Andrew - Supernews <andrew+nonews(at)supernews(dot)com>]

On 2006-02-26, Tatsuo Ishii <ishii(at)sraoss(dot)co(dot)jp> wrote:
>> On 2006-02-20, Tatsuo Ishii <ishii(at)sraoss(dot)co(dot)jp> wrote:
>> > In further investigation, Akio Ishida found this kind of attack is
>> > possible even with EUC_JP/UTF-8.
>> 
>> How?
>
> The details have been sent to cores.

I wasn't asking out of idle curiosity. Some preliminary investigation
that I have done suggests that when using UTF-8, the proposed changes
do not fix the problem (and may make matters worse). So I want to know
whether the problem that I'm looking at is the same thing as the one
you're looking at.

UTF-8 has the property that neither ' nor \ can appear as part of a
valid multibyte sequence. But many places in postgres are extremely
sloppy about handling _invalid_ utf-8, and unless you're prepared to
make the escape routine fail outright in such cases (which I would
strongly favour), it is likely that there will always be ways to get
malformed sequences into the backend (which itself is far too lax
about parsing them).

-- 
Andrew, Supernews
http://www.supernews.com - individual and corporate NNTP services