summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: c9bb00f)
raw | patch | inline | side by side (parent: c9bb00f)
| author | Noah Misch <noah@leadboat.com> | |
| Mon, 8 Aug 2016 14:07:46 +0000 (10:07 -0400) | ||
| committer | Noah Misch <noah@leadboat.com> | |
| Mon, 8 Aug 2016 14:07:50 +0000 (10:07 -0400) |
In arguments, these meta-commands wrongly treated each pair as closing
the double quoted string. Make the behavior match the documentation.
This is a compatibility break, but I more expect to find software with
untested reliance on the documented behavior than software reliant on
today's behavior. Back-patch to 9.1 (all supported versions).
Reviewed by Tom Lane and Peter Eisentraut.
Security: CVE-2016-5424
the double quoted string. Make the behavior match the documentation.
This is a compatibility break, but I more expect to find software with
untested reliance on the documented behavior than software reliant on
today's behavior. Back-patch to 9.1 (all supported versions).
Reviewed by Tom Lane and Peter Eisentraut.
Security: CVE-2016-5424
| src/bin/psql/psqlscan.l | patch | blob | blame | history |
index be059abd8d9f8cdc8552ad35077355c4402ed326..dc727f7b71a7cb289efeed6e8c37f9f1506a5ef0 100644 (file)
--- a/src/bin/psql/psqlscan.l
+++ b/src/bin/psql/psqlscan.l
/* Keep the first quote, remove the second */
cp++;
}
- inquotes = !inquotes;
+ else
+ inquotes = !inquotes;
/* Collapse out quote at *cp */
memmove(cp, cp + 1, strlen(cp));
mybuf.len--;