Neil Conway <neilc@samurai.com> writes:
> It occurred to me that there is a potential security problem with code
> like:
> char *my_str;
> my_str = read_from_an_untrusted_source();
> appendStringInfo(buf, my_str);
> If my_str contains any formatting characters, this crashes the
> backend. I'm not sure if there are any actual exploitable instances of
> this in the backend, but the above unsafe coding practise is fairly
> common.
It is? I thought I'd gone around and checked for that. If you see any
remaining cases then I'd say they are must-fix items.
regards, tom lane