From b1756da7541323eae07fe23eaad17ce12f20a56b Mon Sep 17 00:00:00 2001 From: Andres Freund Date: Mon, 10 Feb 2025 10:03:39 -0500 Subject: Specify the encoding of input to fmtId() This commit adds fmtIdEnc() and fmtQualifiedIdEnc(), which allow to specify the encoding as an explicit argument. Additionally setFmtEncoding() is provided, which defines the encoding when no explicit encoding is provided, to avoid breaking all code using fmtId(). All users of fmtId()/fmtQualifiedId() are either converted to the explicit version or a call to setFmtEncoding() has been added. This commit does not yet utilize the now well-defined encoding, that will happen in a subsequent commit. Reviewed-by: Noah Misch Reviewed-by: Tom Lane Backpatch-through: 13 Security: CVE-2025-1094 --- src/bin/scripts/dropuser.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'src/bin/scripts/dropuser.c') diff --git a/src/bin/scripts/dropuser.c b/src/bin/scripts/dropuser.c index 82c1f35ab23..aaee4437d16 100644 --- a/src/bin/scripts/dropuser.c +++ b/src/bin/scripts/dropuser.c @@ -143,7 +143,8 @@ main(int argc, char *argv[]) initPQExpBuffer(&sql); appendPQExpBuffer(&sql, "DROP ROLE %s%s;", - (if_exists ? "IF EXISTS " : ""), fmtId(dropuser)); + (if_exists ? "IF EXISTS " : ""), + fmtIdEnc(dropuser, PQclientEncoding(conn))); if (echo) printf("%s\n", sql.data); -- cgit v1.2.3