8000 Disallow digits and lower-case ASCII letters as the delimiter in non-CSV · postgrespro/postgres_cluster@2e4cb70 · GitHub
[go: up one dir, main page]
Skip to content

    • Commit 2e4cb70

    Browse files
    tglsfdctglsfdc
    committed
    Disallow digits and lower-case ASCII letters as the delimiter in non-CSV
    COPY. We need a restriction here because when the delimiter occurs as a data character, it is emitted with a backslash, and that will only work as desired if CopyReadAttributesText() will interpret the backslash sequence as representing the second character literally. This is currently untrue for 'b', 'f', 'n', 'r', 't', 'v', 'x', and octal digits. For future-proofing and simplicity of explanation, it seems best to disallow a-z and 0-9. We must also disallow dot, since "\." by itself would look like copy EOF. Note: "\N" is by default the null print string, so N would also cause a problem, but that is already tested for.
    1 parent f1d1ca9 commit 2e4cb70

    File tree

    1 file changed

    +15
    -4
    lines changed

    1 file changed

    +15
    -4
    lines changed

    src/backend/commands/copy.c

    Lines changed: 15 additions & 4 deletions
    Original file line numberDiff line numberDiff line change
    @@ -8,7 +8,7 @@
    88
    *
    99
    *
    1010
    * IDENTIFICATION
    11-
    * $PostgreSQL: pgsql/src/backend/commands/copy.c,v 1.292 2007/12/27 17:00:56 tgl Exp $
    11+
    * $PostgreSQL: pgsql/src/backend/commands/copy.c,v 1.293 2007/12/27 18:28:58 tgl Exp $
    1212
    *
    1313
    *-------------------------------------------------------------------------
    1414
    */
    @@ -872,11 +872,22 @@ DoCopy(const CopyStmt *stmt, const char *queryString)
    872872
    (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
    873873
    errmsg("COPY null representation cannot use newline or carriage return")));
    874874

    875-
    /* Disallow backslash in non-CSV mode */
    876-
    if (!cstate->csv_mode && strchr(cstate->delim, '\\') != NULL)
    875+
    /*
    876+
    * Disallow unsafe delimiter characters in non-CSV mode. We can't allow
    877+
    * backslash because it would be ambiguous. We can't allow the other
    878+
    * cases because data characters matching the delimiter must be
    879+
    * backslashed, and certain backslash combinations are interpreted
    880+
    * non-literally by COPY IN. Disallowing all lower case ASCII letters
    881+
    * is more than strictly necessary, but seems best for consistency and
    882+
    * future-proofing. Likewise we disallow all digits though only octal
    883+
    * digits are actually dangerous.
    884+
    */
    885+
    if (!cstate->csv_mode &&
    886+
    strchr("\\.abcdefghijklmnopqrstuvwxyz0123456789",
    887+
    cstate->delim[0]) != NULL)
    877888
    ereport(ERROR,
    878889
    (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
    879-
    errmsg("COPY delimiter cannot be backslash")));
    890+
    errmsg("COPY delimiter cannot be \"%s\"", cstate->delim)));
    880891

    881892
    /* Check header */
    882893
    if (!cstate->csv_mode && cstate->header_line)

    0 commit comments

    Comments
     (0)
    0