The situation seems to be a bug that this patch would address. It seems to
me that when a username is considered unsafe due to containing double
quotes, the double quotes should be escaped (and the backslashes)!
Does this look alright?
Chris
Index: src/backend/utils/adt/acl.c
===================================================================
RCS file: /projects/cvsroot/pgsql-server/src/backend/utils/adt/acl.c,v
retrieving revision 1.94
diff -c -r1.94 acl.c
*** src/backend/utils/adt/acl.c 4 Aug 2003 02:40:04 -0000 1.94
--- src/backend/utils/adt/acl.c 8 Aug 2003 09:03:19 -0000
***************
*** 124,131 **** } if (!safe) *p++ = '"';
! for (src = s; *src; src++) *p++ = *src; if (!safe) *p++ = '"'; *p =
'\0';
--- 124,134 ---- } if (!safe) *p++ = '"';
! for (src = s; *src; src++) {
! if (!safe && (*src == '"' || *src == '\\'))
! *p++ = '\\'; *p++ = *src;
+ } if (!safe) *p++ = '"'; *p = '\0';