Andrew Dunstan <andrew@dunslane.net> writes:
> Last year Jeff suggested adding something like:
> pg_verifymbstr(string,strlen(string),0);
> to each relevant input routine. Would that be an acceptable solution?
The problem with that is that it duplicates effort: in many cases
(especially COPY IN) the data's already been validated. I'm not sure
how to fix that, but I think you'll get some push-back if you double
the encoding verification work in COPY for nothing.
Given that we are moving away from backslash-enabled literals, I'm
not as convinced as some that this must be fixed...
regards, tom lane