Обсуждение: BUG #4769: xmlconcat produces invalid xml values -> data corruption

Поиск
Список
Период
Сортировка

BUG #4769: xmlconcat produces invalid xml values -> data corruption

От
"Arjen Nienhuis"
Дата:
The following bug has been logged online:

Bug reference:      4769
Logged by:          Arjen Nienhuis
Email address:      a.g.nienhuis@gmail.com
PostgreSQL version: 8.3.7
Operating system:   Ubuntu 8.10 and 9.04
Description:        xmlconcat produces invalid xml values -> data corruption
Details:

'<!DOCTYPE html><html/>' is a valid xml document but not a valid xml
fragment. xmlconcat does not check for this:

SELECT xmlconcat('foo', xmlparse(DOCUMENT '<!DOCTYPE html><html/>'));
         xmlconcat
---------------------------
 foo<!DOCTYPE html><html/>

The result is an invalid xml value that can end up in a table.

==============================================

=> SELECT version();
                                               version

----------------------------------------------------------------------------
-------------------------
 PostgreSQL 8.3.7 on x86_64-pc-linux-gnu, compiled by GCC gcc-4.3.real
(Ubuntu 4.3.3-5ubuntu4) 4.3.3
(1 row)

libxml2 version is 2.6.32.dfsg-5ubuntu4

=============================================

I tried to test this with 8.4 but the ubuntu ppa has depency problems.

Re: BUG #4769: xmlconcat produces invalid xml values -> data corruption

От
Bruce Momjian
Дата:
Where are we on this?  The 9.0 behavior is the same.

---------------------------------------------------------------------------

Arjen Nienhuis wrote:
>
> The following bug has been logged online:
>
> Bug reference:      4769
> Logged by:          Arjen Nienhuis
> Email address:      a.g.nienhuis@gmail.com
> PostgreSQL version: 8.3.7
> Operating system:   Ubuntu 8.10 and 9.04
> Description:        xmlconcat produces invalid xml values -> data corruption
> Details:
>
> '<!DOCTYPE html><html/>' is a valid xml document but not a valid xml
> fragment. xmlconcat does not check for this:
>
> SELECT xmlconcat('foo', xmlparse(DOCUMENT '<!DOCTYPE html><html/>'));
>          xmlconcat
> ---------------------------
>  foo<!DOCTYPE html><html/>
>
> The result is an invalid xml value that can end up in a table.
>
> ==============================================
>
> => SELECT version();
>                                                version
>
> ----------------------------------------------------------------------------
> -------------------------
>  PostgreSQL 8.3.7 on x86_64-pc-linux-gnu, compiled by GCC gcc-4.3.real
> (Ubuntu 4.3.3-5ubuntu4) 4.3.3
> (1 row)
>
> libxml2 version is 2.6.32.dfsg-5ubuntu4
>
> =============================================
>
> I tried to test this with 8.4 but the ubuntu ppa has depency problems.
>
> --
> Sent via pgsql-bugs mailing list (pgsql-bugs@postgresql.org)
> To make changes to your subscription:
> http://www.postgresql.org/mailpref/pgsql-bugs

--
  Bruce Momjian  <bruce@momjian.us>        http://momjian.us
  EnterpriseDB                             http://enterprisedb.com
  PG East:  http://www.enterprisedb.com/community/nav-pg-east-2010.do
  + If your life is a hard drive, Christ can be your backup. +