diff options
| author | Tom Lane <tgl@sss.pgh.pa.us> | 2020-10-22 17:34:32 -0400 |
|---|---|---|
| committer | Tom Lane <tgl@sss.pgh.pa.us> | 2020-10-22 18:29:46 -0400 |
| commit | 3dfb1942d9b8748b93094a430289e2f7f3b3ae0d (patch) | |
| tree | fc5741979ce8e129518f2da8d0bfdd8948444fdf /doc/src | |
| parent | 8bb0c9770e80fa79f15b27af8f3c3f2833225aa3 (diff) | |
| download | postgresql-3dfb1942d9b8748b93094a430289e2f7f3b3ae0d.tar.gz postgresql-3dfb1942d9b8748b93094a430289e2f7f3b3ae0d.zip | |
Avoid premature de-doubling of quote marks in ECPG strings.
If you write the literal 'abc''def' in an EXEC SQL command, that will
come out the other end as 'abc'def', triggering a syntax error in the
backend. Likewise, "abc""def" is reduced to "abc"def" which is wrong
syntax for a quoted identifier.
The cause is that the lexer thinks it should emit just one quote
mark, whereas what it really should do is keep the string as-is.
Add some docs and test cases, too.
Although this seems clearly a bug, I fear users wouldn't appreciate
changing it in minor releases. Some may well be working around it
by applying an extra doubling of affected quotes, as for example
sql/dyntest.pgc has been doing.
Per investigation of a report from 1250kv, although this isn't
exactly what he/she was on about.
Discussion: https://postgr.es/m/673825.1603223178@sss.pgh.pa.us
Diffstat (limited to 'doc/src')
| -rw-r--r-- | doc/src/sgml/ecpg.sgml | 17 |
1 files changed, 14 insertions, 3 deletions
diff --git a/doc/src/sgml/ecpg.sgml b/doc/src/sgml/ecpg.sgml index 6e3ca788f6e..419574e9ea6 100644 --- a/doc/src/sgml/ecpg.sgml +++ b/doc/src/sgml/ecpg.sgml @@ -31,7 +31,7 @@ specially marked sections. To build the program, the source code (<filename>*.pgc</filename>) is first passed through the embedded SQL preprocessor, which converts it to an ordinary C program (<filename>*.c</filename>), and afterwards it can be processed by a C - compiler. (For details about the compiling and linking see <xref linkend="ecpg-process"/>). + compiler. (For details about the compiling and linking see <xref linkend="ecpg-process"/>.) Converted ECPG applications call functions in the libpq library through the embedded SQL library (ecpglib), and communicate with the PostgreSQL server using the normal frontend-backend protocol. @@ -63,11 +63,22 @@ EXEC SQL ...; </programlisting> These statements syntactically take the place of a C statement. Depending on the particular statement, they can appear at the - global level or within a function. Embedded + global level or within a function. + </para> + + <para> + Embedded <acronym>SQL</acronym> statements follow the case-sensitivity rules of normal <acronym>SQL</acronym> code, and not those of C. Also they allow nested - C-style comments that are part of the SQL standard. The C part of the + C-style comments as per the SQL standard. The C part of the program, however, follows the C standard of not accepting nested comments. + Embedded <acronym>SQL</acronym> statements likewise use SQL rules, not + C rules, for parsing quoted strings and identifiers. + (See <xref linkend="sql-syntax-strings"/> and + <xref linkend="sql-syntax-identifiers"/> respectively. Note that + ECPG assumes that <varname>standard_conforming_strings</varname> + is <literal>on</literal>.) + Of course, the C part of the program follows C quoting rules. </para> <para> |