Noah Misch <noah@leadboat.com> writes:
> On Wed, Feb 19, 2014 at 08:22:13PM -0500, Tom Lane wrote:
>> How much of this is back-patch material, do you think?
> None of it. While many of the failures to validate against a character
> encoding are clear bugs, applications hum along in spite of such bugs and
> break when we tighten the checks. I don't see a concern to override that
> here. Folks who want the tighter checking have some workarounds available.
That's certainly a reasonable position to take concerning the changes for
outside-a-transaction behavior. However, I think there's a case to be
made for adding the additional pg_verify_mbstr() calls in the back
branches. We've been promising since around 8.3 that invalidly encoded
data can't get into a database, and it's disturbing to find that there
are leaks in that.
regards, tom lane