From: Pavel Stehule on 23 Jul 2010 02:22 Hello 2010/7/23 Itagaki Takahiro <itagaki.takahiro(a)gmail.com>: > I'm reviewing contrib part of the string functions patch. > > I found an issue in sprintf() to print integer values. In this case, > 'l' (for long type) is used on *all* platforms. For example, > SELECT sprintf('%d', 10); > internally uses > appendStringInfo('%ld', (int64) 10) > > But there are some platform that requires to use %lld for int64 format, probably > on Windows. That's why we have INT64_FORMAT macro. sprintf() needs to be > adjusted to use INT64_FORMAT or similar portable codes. ok, I'll look on it > > Other portion of the patch seems to be OK for me, > unless you have still some idea to extend the feature. > > 2010/7/17 Pavel Stehule <pavel.stehule(a)gmail.com>: >> I have a one idea nonstandard enhancing of sprintf - relatie often job >> is a quoting in PostgreSQL. So sprintf should have a special formats >> for quoted values. What do you think about >> >> %lq ... literal quoted >> %iq ... ident quoted > > They save some keyboard types to write quote_literal() and quote_ident(), right? > They seem to be useful and reasonable for me. One comment is that you might > want to print NULL values as "NULL" instead of "<NULL>" in such cases. > yes, it is good note Thank You very much Regards Pavel Stehule > -- > Itagaki Takahiro > -- Sent via pgsql-hackers mailing list (pgsql-hackers(a)postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
From: Pavel Stehule on 24 Jul 2010 11:17 Hello 2010/7/23 Itagaki Takahiro <itagaki.takahiro(a)gmail.com>: > I'm reviewing contrib part of the string functions patch. > > I found an issue in sprintf() to print integer values. In this case, > 'l' (for long type) is used on *all* platforms. For example, > Â SELECT sprintf('%d', 10); > internally uses > Â appendStringInfo('%ld', (int64) 10) > > But there are some platform that requires to use %lld for int64 format, probably > on Windows. That's why we have INT64_FORMAT macro. sprintf() needs to be > adjusted to use INT64_FORMAT or similar portable codes. > fixed - it depends on INT64_FORMAT now. > Other portion of the patch seems to be OK for me, > unless you have still some idea to extend the feature. > > 2010/7/17 Pavel Stehule <pavel.stehule(a)gmail.com>: >> I have a one idea nonstandard enhancing of sprintf - relatie often job >> is a quoting in PostgreSQL. So sprintf should have a special formats >> for quoted values. What do you think about >> >> %lq ... literal quoted >> %iq ... ident quoted > > They save some keyboard types to write quote_literal() and quote_ident(), right? > They seem to be useful and reasonable for me. One comment is that you might > want to print NULL values as "NULL" instead of "<NULL>" in such cases. > NULL is showed as NULL for literal quoting and when ident quoting is used, then exception is raised. Maybe last rule is too hard, but it should be a protection before SQL injection via mal formated SQL Regards Pavel > -- > Itagaki Takahiro >
First
|
Prev
|
Pages: 1 2 3 4 5 Prev: ALTER TABLE SET STATISTICS requiresAccessExclusiveLock Next: [HACKERS] leaky views, yet again |