On 4/22/19 9:10 PM, Tom Lane wrote:
> Michael Paquier <michael@paquier.xyz> writes:
>> There is no point for the second strlen() check, as strspn does the
>> same work.
>
> Um, no --- the strspn call will count the number of bytes of hex
> data, but without also checking strlen, you don't know that there's
> not non-hex trailing junk.
+1; that's why I left the comparison in.
(e.g. "md512345678901234567890123456789012zzz" would pass without strlen).
Jonathan