pass variable contains null character to postgres may cause SQL error
Imported from http://bugzilla.roxen.com/bugzilla/show_bug.cgi?id=4651
Reported by Eiichiro ITANI, emu@ceres.dti.ne.jp
I'm not sure this is bug, or wrong usage of tag. It cause SQL error to throw query postgres with array variable.
Suppose test.html contains these lines.
<emit source="sql" host="postgres-server"
query="SELECT :v AS v" bindings="v=form.v">
&_.v;
</emit>Then, accessing
causes error
RXML run error: Query failed: ERROR: unterminated quoted string at or near "'1" LINE 1: SELECT '1 ^
|
That error happened because null character directry passed to postgres server. Of course, I should check and sanitize form.v to be plain string.
And I also noticed, accessing
http://host/test.html?v=abc%00def
this would make reply just "abc". I checked query log of postgres, and found that query as follows:
BEGIN DECLARE _pikecursor CURSOR FOR SELECT 'abc' as v FETCH 64 IN _pikecursor FETCH 64 IN _pikecursor COMMIT
Characters after null chopped.
Aren't they quoting problem of postgresql binding?