Prev: pgsql: Prevent the injection of invalidly encoded strings by PL/Python
Next: WIP: preloading of ispell dictionary
From: Peter Eisentraut on 22 Mar 2010 19:48
On mån, 2010-03-22 at 19:29 -0400, Tom Lane wrote:
> Peter Eisentraut <peter_e(a)gmx.net> writes:
> > I have never used Tcl before just now, and the documentation is sketchy,
> > but it looks like the behavior of Tcl is kind of mixed in this area.
>
> > Escapes such as "\xd0" are apparently converted to Unicode code points
> > rather than bytes when the appropriate OS locale is set. So that is
> > safe. Except that it doesn't work in some locale/charset setups, such
> > as EUC_JP. To adapt Hannu's original example:
>
> The pltcl code special-cases Unicode IIRC.

You can observe the equivalent behavior in tclsh, so this isn't pltcl at
work here.

One might argue that the leak is really somewhere in Tcl, since it
allows this kind of thing while claiming to use Unicode. But that
doesn't really help us ...


--
Sent via pgsql-hackers mailing list (pgsql-hackers(a)postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

 | 
Pages: 1
Prev: pgsql: Prevent the injection of invalidly encoded strings by PL/Python
Next: WIP: preloading of ispell dictionary