diff options
| author | Peter Eisentraut <peter_e@gmx.net> | 2009-06-09 22:00:57 +0000 |
|---|---|---|
| committer | Peter Eisentraut <peter_e@gmx.net> | 2009-06-09 22:00:57 +0000 |
| commit | 9b7304bc25f9e9d3e413b1efd84435ba7f4bd326 (patch) | |
| tree | 6a04529422ed91445d22291b7c4e861470b3e96d /src/backend/utils/adt/xml.c | |
| parent | e343eaafc2cc7f39235ffe10c78dd7275a9f2d04 (diff) | |
| download | postgresql-9b7304bc25f9e9d3e413b1efd84435ba7f4bd326.tar.gz postgresql-9b7304bc25f9e9d3e413b1efd84435ba7f4bd326.zip | |
Fix xmlattribute escaping XML special characters twice (bug #4822).
Author: Itagaki Takahiro <itagaki.takahiro@oss.ntt.co.jp>
Diffstat (limited to 'src/backend/utils/adt/xml.c')
| -rw-r--r-- | src/backend/utils/adt/xml.c | 25 |
1 files changed, 17 insertions, 8 deletions
diff --git a/src/backend/utils/adt/xml.c b/src/backend/utils/adt/xml.c index 57e9595af8d..fca92e867d0 100644 --- a/src/backend/utils/adt/xml.c +++ b/src/backend/utils/adt/xml.c @@ -7,7 +7,7 @@ * Portions Copyright (c) 1996-2009, PostgreSQL Global Development Group * Portions Copyright (c) 1994, Regents of the University of California * - * $PostgreSQL: pgsql/src/backend/utils/adt/xml.c,v 1.89 2009/06/08 21:32:33 petere Exp $ + * $PostgreSQL: pgsql/src/backend/utils/adt/xml.c,v 1.90 2009/06/09 22:00:57 petere Exp $ * *------------------------------------------------------------------------- */ @@ -569,7 +569,7 @@ xmlelement(XmlExprState *xmlExpr, ExprContext *econtext) if (isnull) str = NULL; else - str = map_sql_value_to_xml_value(value, exprType((Node *) e->expr)); + str = map_sql_value_to_xml_value(value, exprType((Node *) e->expr), false); named_arg_strings = lappend(named_arg_strings, str); i++; } @@ -587,7 +587,7 @@ xmlelement(XmlExprState *xmlExpr, ExprContext *econtext) if (!isnull) { str = map_sql_value_to_xml_value(value, - exprType((Node *) e->expr)); + exprType((Node *) e->expr), true); arg_strings = lappend(arg_strings, str); } } @@ -1580,9 +1580,18 @@ map_xml_name_to_sql_identifier(char *name) /* * Map SQL value to XML value; see SQL/XML:2003 section 9.16. + * + * When xml_escape_strings is true, then certain characters in string + * values are replaced by entity references (< etc.), as specified + * in SQL/XML:2003 section 9.16 GR 8) ii). This is normally what is + * wanted. The false case is mainly useful when the resulting value + * is used with xmlTextWriterWriteAttribute() to write out an + * attribute, because that function does the escaping itself. The SQL + * standard of 2003 is somewhat buggy in this regard, so we do our + * best to make sense. */ char * -map_sql_value_to_xml_value(Datum value, Oid type) +map_sql_value_to_xml_value(Datum value, Oid type, bool xml_escape_strings) { StringInfoData buf; @@ -1616,7 +1625,7 @@ map_sql_value_to_xml_value(Datum value, Oid type) appendStringInfoString(&buf, "<element>"); appendStringInfoString(&buf, map_sql_value_to_xml_value(elem_values[i], - elmtype)); + elmtype, true)); appendStringInfoString(&buf, "</element>"); } @@ -1774,8 +1783,8 @@ map_sql_value_to_xml_value(Datum value, Oid type) getTypeOutputInfo(type, &typeOut, &isvarlena); str = OidOutputFunctionCall(typeOut, value); - /* ... exactly as-is for XML */ - if (type == XMLOID) + /* ... exactly as-is for XML, and when escaping is not wanted */ + if (type == XMLOID || !xml_escape_strings) return str; /* otherwise, translate special characters as needed */ @@ -3183,7 +3192,7 @@ SPI_sql_row_to_xmlelement(int rownum, StringInfo result, char *tablename, appendStringInfo(result, " <%s>%s</%s>\n", colname, map_sql_value_to_xml_value(colval, - SPI_gettypeid(SPI_tuptable->tupdesc, i)), + SPI_gettypeid(SPI_tuptable->tupdesc, i), true), colname); } |