Re: [PATCH] Make jsonapi usable from libpq

Jacob Champion <pchampion@vmware.com> writes:
> What would you think about a src/port of asprintf()? Maybe libpq
> doesn't change quickly enough to worry about it, but having developers
> revisit stack allocation for strings every time they target the libpq
> parts of the code seems like a recipe for security problems.

The existing convention is to use pqexpbuffer.c, which seems strictly
cleaner and more robust than asprintf.  In particular its behavior under
OOM conditions is far easier/safer to work with.  Maybe we should consider
moving that into src/common/ so that it can be used by code that's not
tightly bound into libpq?

            regards, tom lane