Prev: pgsql: Prevent the injection of invalidly encodedstrings by PL/Python
Next: pgsql: Prevent the injection ofinvalidly encoded strings by PL/Python
From: Tom Lane on 22 Mar 2010 19:29
Peter Eisentraut <peter_e(a)gmx.net> writes:
> I have never used Tcl before just now, and the documentation is sketchy,
> but it looks like the behavior of Tcl is kind of mixed in this area.

> Escapes such as "\xd0" are apparently converted to Unicode code points
> rather than bytes when the appropriate OS locale is set. So that is
> safe. Except that it doesn't work in some locale/charset setups, such
> as EUC_JP. To adapt Hannu's original example:

The pltcl code special-cases Unicode IIRC.

regards, tom lane

--
Sent via pgsql-hackers mailing list (pgsql-hackers(a)postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

 | 
Pages: 1
Prev: pgsql: Prevent the injection of invalidly encodedstrings by PL/Python
Next: pgsql: Prevent the injection ofinvalidly encoded strings by PL/Python