Re: Open 7.3 items
| От | Bruce Momjian |
|---|---|
| Тема | Re: Open 7.3 items |
| Дата | |
| Msg-id | 200208180304.g7I342J02382@candle.pha.pa.us обсуждение исходный текст |
| Ответ на | Re: Open 7.3 items (Tom Lane <tgl@sss.pgh.pa.us>) |
| Список | pgsql-hackers |
OK, applied, with that change. --------------------------------------------------------------------------- Tom Lane wrote: > Bruce Momjian <pgman@candle.pha.pa.us> writes: > > OK, here is the patch with the suggested changes. I am sending the > > patch to hackers because there has been so much interest in this. > > One minor gripe: > > > + /* If user@, it is a global user, remove '@' */ > > + if (strchr(port->user, '@') == port->user + strlen(port->user)-1) > > This code is correct, but it tempts someone to replace the strchr() > with a single-character check on the last character of the string. > Which would introduce the security hole we discussed before. The > code is okay, but *please* improve the comment to point out that you > are also excluding the case where there are @'s to the left of the > last character. > > regards, tom lane > -- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610) 359-1001+ If your life is a hard drive, | 13 Roberts Road + Christ can be your backup. | Newtown Square, Pennsylvania19073
В списке pgsql-hackers по дате отправления: