postgresql/src/interfaces/ecpg
Michael Paquier e77a1c58e3 ecpg: Fix zero-termination of string generated by intoasc()
intoasc(), a wrapper for PGTYPESinterval_to_asc that converts an
interval to its textual representation, used a plain memcpy() when
copying its result.  This could miss a zero-termination in the result
string, leading to an incorrect result.

The routines in informix.c do not provide the length of their result
buffer, which would allow a replacement of strcpy() to safer strlcpy()
calls, but this requires an ABI breakage and that cannot happen in
back-branches.

Author: Oleg Tselebrovskiy
Reviewed-by: Ashutosh Bapat
Discussion: https://postgr.es/m/bf47888585149f83b276861a1662f7e4@postgrespro.ru
Backpatch-through: 12
2024-02-19 11:38:18 +09:00
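The failure mode described in the commit message above, as an added example that is not code from the PostgreSQL tree: copying `strlen()` bytes with `memcpy()` leaves the terminator behind, so whatever the caller's buffer held before shows through. The function names, the sample strings and the choice of `strcpy()` for the corrected form are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for a routine returning a malloc'd,
 * NUL-terminated textual form (not the ecpg function itself). */
static char *render_text(const char *value)
{
    size_t n = strlen(value) + 1;
    char *tmp = malloc(n);
    if (tmp)
        memcpy(tmp, value, n);
    return tmp;
}

/* Pattern from the commit message: strlen() bytes are copied, so the
 * terminating NUL is dropped and old buffer contents remain visible. */
static int copy_without_nul(const char *value, char *str)
{
    char *tmp = render_text(value);
    if (!tmp) return -1;
    memcpy(str, tmp, strlen(tmp));
    free(tmp);
    return 0;
}

/* Corrected pattern (assumed): strcpy() copies the terminator too. The
 * caller must still size the buffer, since no length is passed in. */
static int copy_with_nul(const char *value, char *str)
{
    char *tmp = render_text(value);
    if (!tmp) return -1;
    strcpy(str, tmp);
    free(tmp);
    return 0;
}

int main(void)
{
    char buf[32];
    strcpy(buf, "@ 13556 days 12 hours");   /* constructed earlier result */
    copy_without_nul("@ 2 days", buf);
    printf("memcpy: \"%s\"\n", buf);
    strcpy(buf, "@ 13556 days 12 hours");   /* same constructed residue */
    copy_with_nul("@ 2 days", buf);
    printf("strcpy: \"%s\"\n", buf);
    return 0;
}
```

With an uninitialized destination the first variant reads past the copied bytes until it happens to meet a zero byte, which is why the result can look correct in one run and wrong in another.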
compatlib ecpg: Fix zero-termination of string generated by intoasc() 2024-02-19 11:38:18 +09:00
ecpglib Avoid concurrent calls to bindtextdomain(). 2024-02-09 11:21:08 -05:00
include Clean up Windows-specific mutex code in libpq and ecpglib. 2024-02-09 11:11:39 -05:00
pgtypeslib ecpg: Fix error handling on OOMs when parsing timestamps 2024-02-19 09:05:51 +09:00
preproc Update copyright for 2024 2024-01-03 20:49:05 -05:00
test ecpg: Fix zero-termination of string generated by intoasc() 2024-02-19 11:38:18 +09:00
Makefile Remove distprep 2023-11-06 15:18:04 +01:00
README.dynSQL Fix whitespace issues found by git diff --check, add gitattributes 2013-11-10 14:48:29 -05:00
meson.build Update copyright for 2024 2024-01-03 20:49:05 -05:00

README.dynSQL

src/interfaces/ecpg/README.dynSQL

Descriptor statements have the following shortcomings:

- input descriptors (USING DESCRIPTOR <name>) are not supported

  Reason: to fully support dynamic SQL the frontend/backend communication
          should change to recognize input parameters.
          Since this is not likely to happen in the near future and you
          can cover the same functionality with the existing infrastructure
          (using s[n]printf), I'll leave the work to someone else.