I wrote:
> Justin Pryzby <pryzby@telsasoft.com> writes:
>> This seems to be breaking cfbot's "warnings" test.
> Hmm, well, casting away const is certainly not within pfree's remit,
> so I'm glad we changed this.
Oh, I see: sepgsql's quote_object_name() is doing
const char *temp;
temp = quote_identifier(src1);
appendStringInfoString(&result, temp);
if (src1 != temp)
pfree(temp);
evidently because whoever wrote this felt a compulsion to override
quote_identifier's judgment that possibly leaking the quoted identifier
wasn't worth worrying about. I think we should just nuke this code
altogether and write
appendStringInfoString(&result, quote_identifier(src1));
regards, tom lane