ASCII Null control character validation
Hello, hackers!
I found in src/backend/utils/mb/wchar.c: pg_verify_mbstr_len() that it
reports ASCII Null character (\000) as invalid. As for me, it should
pass validation. However, ASCII Null character breaks a line and the
end of the line is missed, try:
INSERT INTO mytable VALUES (E'a\001b\000c and rest of line MIA');
Find patch attached. Am I wrong?
--
Alexey Chernyshov
Postgres Professional: http://www.postgrespro.com
The Russian Postgres Company
Attachments:
0001-Fix-0x00-symbol-validation.patchtext/x-patchDownload+5-12
Alexey Chernyshov <a.chernyshov@postgrespro.ru> writes:
I found in src/backend/utils/mb/wchar.c: pg_verify_mbstr_len() that it
reports ASCII Null character (\000) as invalid. As for me, it should
pass validation.
This is intentional and we're not going to change it. There is too
much code in the backend that relies on NUL-terminated strings ...
However, ASCII Null character breaks a line and the
end of the line is missed, try:
INSERT INTO mytable VALUES (E'a\001b\000c and rest of line MIA');
... like that for instance. See (many) past discussions of this issue.
regards, tom lane
On 11/30/17 03:13, Alexey Chernyshov wrote:
I found in src/backend/utils/mb/wchar.c: pg_verify_mbstr_len() that it
reports ASCII Null character (\000) as invalid. As for me, it should
pass validation. However, ASCII Null character breaks a line and the
end of the line is missed, try:INSERT INTO mytable VALUES (E'a\001b\000c and rest of line MIA');
Find patch attached. Am I wrong?
The main reason why you can't usefully have null characters in a string
literal is that the type input functions take a cstring as input, so no
string with a null character can possibly be input to a type.
So removing that check would just cause failure or confusion later.
--
Peter Eisentraut http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services