Remove libpq's PQescapeIdentifier(), not safe from injection attacks.

3 files changed, 3 insertions, 43 deletions

diff --git a/src/interfaces/libpq/exports.txt b/src/interfaces/libpq/exports.txt
index 37655638434..078e4f9771a 100644
--- a/src/interfaces/libpq/exports.txt
+++ b/src/interfaces/libpq/exports.txt
@@ -1,4 +1,4 @@
-# $PostgreSQL: pgsql/src/interfaces/libpq/exports.txt,v 1.12 2006/06/27 00:03:41 momjian Exp $
+# $PostgreSQL: pgsql/src/interfaces/libpq/exports.txt,v 1.13 2006/07/04 13:22:15 momjian Exp $
 # Functions to be exported by libpq DLLs
 PQconnectdb               1
 PQsetdbLogin              2
@@ -130,5 +130,3 @@ PQescapeByteaConn         127
 PQencryptPassword         128
 PQisthreadsafe            129
 enlargePQExpBuffer        130
-PQescapeIdentifier        131
-
diff --git a/src/interfaces/libpq/fe-exec.c b/src/interfaces/libpq/fe-exec.c
index 76981fa0d1e..b40e6b9d514 100644
--- a/src/interfaces/libpq/fe-exec.c
+++ b/src/interfaces/libpq/fe-exec.c
@@ -8,7 +8,7 @@
  *
  *
  * IDENTIFICATION
- *	  $PostgreSQL: pgsql/src/interfaces/libpq/fe-exec.c,v 1.187 2006/06/27 00:03:41 momjian Exp $
+ *	  $PostgreSQL: pgsql/src/interfaces/libpq/fe-exec.c,v 1.188 2006/07/04 13:22:15 momjian Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -2516,42 +2516,6 @@ PQescapeString(char *to, const char *from, size_t length)
 }
 
 /*
- * Escaping arbitrary strings to get valid SQL identifier strings.
- *
- * Replaces " with "".
- *
- * length is the length of the source string.  (Note: if a terminating NUL
- * is encountered sooner, PQescapeIdentifier stops short of "length"; the behavior
- * is thus rather like strncpy.)
- *
- * For safety the buffer at "to" must be at least 2*length + 1 bytes long.
- * A terminating NUL character is added to the output string, whether the
- * input is NUL-terminated or not.
- *
- * Returns the actual length of the output (not counting the terminating NUL).
- */
-size_t
-PQescapeIdentifier(char *to, const char *from, size_t length)
-{
-	const char *source = from;
-	char	   *target = to;
-	size_t		remaining = length;
-
-	while (remaining > 0 && *source != '\0')
-	{
-		if (*source  == '"')
-			*target++ = *source;
-		*target++ = *source++;
-		remaining--;
-	}
-
-	/* Write the terminating NUL character. */
-	*target = '\0';
-
-	return target - to;
-}
-
-/*
  *		PQescapeBytea	- converts from binary string to the
  *		minimal encoding necessary to include the string in an SQL
  *		INSERT statement with a bytea type column as the target.
diff --git a/src/interfaces/libpq/libpq-fe.h b/src/interfaces/libpq/libpq-fe.h
index 272ccc87deb..e2542c3a05e 100644
--- a/src/interfaces/libpq/libpq-fe.h
+++ b/src/interfaces/libpq/libpq-fe.h
@@ -7,7 +7,7 @@
  * Portions Copyright (c) 1996-2006, PostgreSQL Global Development Group
  * Portions Copyright (c) 1994, Regents of the University of California
  *
- * $PostgreSQL: pgsql/src/interfaces/libpq/libpq-fe.h,v 1.130 2006/06/27 00:03:42 momjian Exp $
+ * $PostgreSQL: pgsql/src/interfaces/libpq/libpq-fe.h,v 1.131 2006/07/04 13:22:15 momjian Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -436,8 +436,6 @@ extern unsigned char *PQescapeByteaConn(PGconn *conn,
 				  size_t *to_length);
 extern unsigned char *PQunescapeBytea(const unsigned char *strtext,
 				size_t *retbuflen);
-extern size_t PQescapeIdentifier(char *to, const char *from, size_t length);
-
 /* These forms are deprecated! */
 extern size_t PQescapeString(char *to, const char *from, size_t length);
 extern unsigned char *PQescapeBytea(const unsigned char *from, size_t from_length,