From 45b1a67a0fcb3f1588df596431871de4c93cb76f Mon Sep 17 00:00:00 2001
From: Peter Eisentraut
Date: Tue, 13 Sep 2022 16:10:44 +0200
Subject: pg_clean_ascii(): escape bytes rather than lose them

Rather than replace each unprintable byte with a '?' character, replace
it with a hex escape instead. The API now allocates a copy rather than
modifying the input in place.

Author: Jacob Champion <jchampion@timescale.com>
Discussion: https://www.postgresql.org/message-id/CAAWbhmgsvHrH9wLU2kYc3pOi1KSenHSLAHBbCVmmddW6-mc_=w@mail.gmail.com
---
 src/backend/postmaster/postmaster.c |  6 +-----
 src/backend/utils/misc/guc.c        | 22 ++++++++++++++++++++--
 2 files changed, 21 insertions(+), 7 deletions(-)

(limited to 'src/backend')

diff --git a/src/backend/postmaster/postmaster.c b/src/backend/postmaster/postmaster.c
index e75611fdd54..de1184ad7b7 100644
--- a/src/backend/postmaster/postmaster.c
+++ b/src/backend/postmaster/postmaster.c
@@ -2280,11 +2280,7 @@ retry1:
 				 */
 				if (strcmp(nameptr, "application_name") == 0)
 				{
-					char	   *tmp_app_name = pstrdup(valptr);
-
-					pg_clean_ascii(tmp_app_name);
-
-					port->application_name = tmp_app_name;
+					port->application_name = pg_clean_ascii(valptr, 0);
 				}
 			}
 			offset = valoffset + strlen(valptr) + 1;
diff --git a/src/backend/utils/misc/guc.c b/src/backend/utils/misc/guc.c
index 782870cdf0d..ec64b39272b 100644
--- a/src/backend/utils/misc/guc.c
+++ b/src/backend/utils/misc/guc.c
@@ -12921,9 +12921,18 @@ assign_maintenance_io_concurrency(int newval, void *extra)
 static bool
 check_application_name(char **newval, void **extra, GucSource source)
 {
+	char	   *clean;
+
 	/* Only allow clean ASCII chars in the application name */
-	pg_clean_ascii(*newval);
+	clean = pg_clean_ascii(*newval, MCXT_ALLOC_NO_OOM);
+	if (!clean)
+		return false;
+
+	clean = guc_strdup(WARNING, clean);
+	if (!clean)
+		return false;
 
+	*newval = clean;
 	return true;
 }
 
@@ -12937,9 +12946,18 @@ assign_application_name(const char *newval, void *extra)
 static bool
 check_cluster_name(char **newval, void **extra, GucSource source)
 {
+	char	   *clean;
+
 	/* Only allow clean ASCII chars in the cluster name */
-	pg_clean_ascii(*newval);
+	clean = pg_clean_ascii(*newval, MCXT_ALLOC_NO_OOM);
+	if (!clean)
+		return false;
+
+	clean = guc_strdup(WARNING, clean);
+	if (!clean)
+		return false;
 
+	*newval = clean;
 	return true;
 }
 
-- 
cgit v1.2.3