Changed behaviour of \'

Поиск
Список
Период
Сортировка
От Martin Pitt
Тема Changed behaviour of \'
Дата
Msg-id 20110510162023.GA2490@piware.de
обсуждение исходный текст
Ответы Re: Changed behaviour of \'
Список pgsql-bugs
Дерево обсуждения 
Hello again,

sorry for spamming you today, but I promise that this is the last
mail; it's the one remaining test case failure for me.

I have some test cases to verify the handling of the obsolete \'
escaping in different locales (cf. CVE-2006-2313).

Up to 9.0, \' was still allowed in safe locales, but not in unsafe ones (so=
rry
for German error messages, but they just complain about unsafe usage of \'):

----------------------- 8< ----------------
$ printf "set client_encoding=3D'SJIS'; select '\\\\'a'" | psql -Atq templa=
te1
FEHLER:  unsichere Verwendung von \' in Zeichenkettenkonstante
LINE 1: select '\'a'
               ^
HINT:  Verwenden Sie '', um Quotes in Zeichenketten zu schreiben. \' ist in=
 bestimmten Client-seitigen Kodierungen unsicher.

$ printf "set client_encoding=3D'UTF8'; select '\\\\'a'" | psql -Atq templa=
te1
WARNUNG:  nicht standardkonforme Verwendung von \' in Zeichenkettenkonstante
LINE 1: select '\'a'
               ^
HINT:  Verwenden Sie '', um Quotes in Zeichenketten zu schreiben, oder verw=
enden Sie die Syntax f=FCr Escape-Zeichenketten (E'...').
'a
----------------------- 8< ----------------

(Note the last line here, where it outputs 'a).

9.1 still rejects \' in SJIS, but it now also rejects \' in
UTF-8:

----------------------- 8< ----------------
$ printf "set client_encoding=3D'SJIS'; select '\\\\'a'" | psql -Atq templa=
te1
ERROR:  unterminated quoted string at or near "'"
LINE 1: select '\'a'

$ printf "set client_encoding=3D'UTF8'; select '\\\\'a'" | psql -Atq templa=
te1
ERROR:  unterminated quoted string at or near "'"
LINE 1: select '\'a'
----------------------- 8< ----------------

Since HISTORY does not mention this, is that an explicit decision to
finally deprecate the old \' syntax (which would be great, as it makes
this thing a lot more robust and deterministic, but it might be worth
mentioning it in HISTORY), or an unintended side effect?

Thanks,

Martin
--=20
Martin Pitt                        | http://www.piware.de
Ubuntu Developer (www.ubuntu.com)  | Debian Developer  (www.debian.org)

В списке pgsql-bugs по дате отправления: