2010/1/18 Robert Haas <robertmhaas@gmail.com>:
> On Sun, Jan 17, 2010 at 2:04 PM, Pavel Stehule <pavel.stehule@gmail.com> wrote:
>> I rewrote patch so now interface for PQescapeIdentConn is same as
>> PQescapeStringConn
>>
>> @3. I though so the protection under incomplete multibyte chars are
>> enought - missing bytes are replaced by space - like
>> PQescapeStringConn does.
>
> That much is fine, but the output buffer is only guaranteed to be of
> size 2n+1. Imagine the input is two double-quotes followed by a byte
> for which pg_encoding_mblen() returns 4. The input is 3 characters
> long so the user was responsible to provide 7 bytes of output space,
> but you'll try to write 9 bytes to it (including the terminating NUL).
>
I don't understand. The "length" is number of bytes, not number of
chars. It is maybe bad documented only. If your input string has 6
bytes, then buffer have to allocated to 13 bytes. Nobody knows how
much is chars there.
>> But now - mechanism is exactly same, so this
>> problem should be solved.
>
> This is no better. What the function does no longer matches either
> its comments or the documentation (which also contradict each other).
>
> Let me take a crack at this and post a patch. We're making this
> harder than it needs to be.
>
sure, please.
Pavel
> ...Robert
>