Re: 7.2 fe-exec.c patch to PQescapeString()

Ed Loehr wrote:
> Tom Lane wrote:
>
> >
> > I agree with Bruce on this one.  I think the right analogy is not
> > one of "let's be friendly if he passes a null pointer" but "should
> > we try to detect a bogus input pointer".  If we are passed a random
> > bit-pattern for the 'from' pointer, we will almost certainly core
> > dump on trying to dereference it.  We have no reasonable or portable
> > way to defend against that.  I tend to think that being passed a null
> > pointer is a member of this class of events, not something that we
> > should have a special-case defense against.  It is a caller bug and
> > the caller should fix it, just the same as if the caller passed us
> > a bogus non-null pointer.
>
>
> Well, I can see your perspective and it sounds reasonable.  Null ptrs are a
> member of the general class called "bogus input pointers."  But the fact that
> you *can* detect a null ptr while you *cannot* detect a random bit pattern is
> precisely why I think it ought not to be sub-classified in the same
> things-we-defend-against category as the random bit pattern.  You *do* have a
> reasonable and portable way to defend against null, unlike the random bit
> pattern.

Basically, if there is a problem with a libpq parameter, and it is
possible the client code will not detect the failure, I would rather
crash in the libpq routine than to pass back a value.

--
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman@candle.pha.pa.us               |  (610) 853-3000
  +  If your life is a hard drive,     |  830 Blythe Avenue
  +  Christ can be your backup.        |  Drexel Hill, Pennsylvania 19026