Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1uRSwj-00C8Mj-Hw for pgsql-general@arkaria.postgresql.org; Tue, 17 Jun 2025 09:49:37 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.94.2) (envelope-from ) id 1uRSwh-007zig-DP for pgsql-general@arkaria.postgresql.org; Tue, 17 Jun 2025 09:49:36 +0000 Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29]) by malur.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1uRSwh-007ziX-2L for pgsql-general@lists.postgresql.org; Tue, 17 Jun 2025 09:49:35 +0000 Received: from mail-pg1-x535.google.com ([2607:f8b0:4864:20::535]) by magus.postgresql.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.96) (envelope-from ) id 1uRSwc-002WNi-2a for pgsql-general@postgresql.org; Tue, 17 Jun 2025 09:49:32 +0000 Received: by mail-pg1-x535.google.com with SMTP id 41be03b00d2f7-b2fc93728b2so4493440a12.0 for ; Tue, 17 Jun 2025 02:49:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1750153767; x=1750758567; darn=postgresql.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=3VlzgrfS7VzErcyd7omu36JiAA2YQNa6JveJjJK+lNM=; b=Xu4g8d+m7mxgNJOVJrrcc6QoMkl96j3h92Pr6PbzymlGhw7cqpwVxu9kNztt43Sn8+ q9nTr66l3li9NclYjpdTUkEYJMlrhlxz1HVOnyf36JRwOz/ZmKZ0imEyV3ULzfb8iO88 ednPBo0+SXrClqZuGic3C5jHFWgklCDNHt5ozF+0sK+MEJwpHhBI+vuptv2S5VGGwMGt 49Jll6P/rs44Qm/a25tx6C8CC45fvdcc1v42ZT2K4JKMvRCOtkgHtjer40lkCdigPDca gsoFQN4L6eimb8fSzKMnvgVRSgb66gau7fLyrWZY6hsRPqC09/ISxXxJBQH6ernn9/3g dCZQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1750153767; x=1750758567; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=3VlzgrfS7VzErcyd7omu36JiAA2YQNa6JveJjJK+lNM=; b=wm3I0JFgw+lTfcqGU4mYYtWGfoAxzt0bcQHCpGcoUEu8QOrNNt9y9GFa2HguAwC0MZ 1In8P3U5F8J8TvAVXrMmipR7CiFgElKlmTu/U3GNn1zJfEiis8gVF9UL93X9Yp599ztl Vm8YT960iXvENL1B2M5U8tREc6v1FqUwKOz/L57pGKN2tLfXsNaZvG8S2xuRYV8X2POI fc7C7cNpTZpMrxR3UucHDC7o+B66BmMnUWU/ayrGknH30qIXhNJCSSzzVp8I/m3vdt66 4gAiiWoSf7YzZKAQ31p2zaF58IpN5YZNk7mFzVAONLrU+9F+Ig0pS7YC1M4GZtKnyf1M sd1w== X-Gm-Message-State: AOJu0Yw8KeVouLROqMuiK/Bzy8KB7YfsuUJb2RNNRqW/Iygl14PJyAvQ VFsdXYZ5mVxY/q4yygpuJ0IkZCv1vNT/T0Mf/dxXvjEulaxHlvAwONBquPJumb1sRok8rVQykOl Ts5Kv35/WmdOlAMwgyFSYwHDF+/CbiqI= X-Gm-Gg: ASbGncvNp9IADwRQX8rgFItiDeaoYG6R1HbAYhiCwnxmUwNBn1hAsg+wA6DJgfdp2Rs gjZx7RgimnJNMNH/QMotod9ZawfgH1yySUV/vxScOzvPMasUnOGvQqrYDuScZWgcHME9CMM13Hb SYeXUyitn3PUlMis1pCSCOmLEeMX5zW7keE3LcEj947ptVfI6+TxkiuCxMfJTHxZF7yj96ysYeh 9o= X-Google-Smtp-Source: AGHT+IHBams9FytJvEMbHayr1ryxopMeQNI3ElXB8I39oR7zwRYPT3QxWXOtljGbNk+645sFN394JeNgsd+Epu/jLX4= X-Received: by 2002:a05:6a21:3283:b0:21c:fea4:60e2 with SMTP id adf61e73a8af0-21fbd50703amr21549241637.3.1750153766950; Tue, 17 Jun 2025 02:49:26 -0700 (PDT) MIME-Version: 1.0 References: <310038.1750018284@sss.pgh.pa.us> In-Reply-To: <310038.1750018284@sss.pgh.pa.us> From: Phillip Diffley Date: Tue, 17 Jun 2025 11:49:15 +0200 X-Gm-Features: AX0GCFumLOkJjoAU_XE4vGQgVhL1D8pm9URFk4Vpi8nQbXj2sEEaWTBQWEDlGJw Message-ID: Subject: Re: Stably escaping an identifier To: Tom Lane Cc: pgsql-general@postgresql.org Content-Type: multipart/alternative; boundary="00000000000094da3b0637c16dfe" List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk --00000000000094da3b0637c16dfe Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Thanks! On Sun, Jun 15, 2025 at 10:11=E2=80=AFPM Tom Lane wrote= : > Phillip Diffley writes: > > Is there a reliable way to determine if an identifier has already been > > escaped, or alternatively is there a function that will stably escape a= n > > identifier such that the identifier will not change if the function is > > called repeatedly? > > This is impossible in general, because you can't know if the > double-quotes are meant to be part of the identifier value. > > My advice here would be to flat-out reject input identifiers that > contain double quotes. I'd suggest banning newlines too while > at it, as those are known to create security issues in some > contexts. > > regards, tom lane > --00000000000094da3b0637c16dfe Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Thanks!

On Sun, Jun 15, 2025 at 10:11= =E2=80=AFPM Tom Lane <tgl@sss.pgh.p= a.us> wrote:
Phillip Diffley <phillip6402@gmail.com> writes:
> Is there a reliable way to determine if an identifier has already been=
> escaped, or alternatively is there a function that will stably escape = an
> identifier such that the identifier will not change if the function is=
> called repeatedly?

This is impossible in general, because you can't know if the
double-quotes are meant to be part of the identifier value.

My advice here would be to flat-out reject input identifiers that
contain double quotes.=C2=A0 I'd suggest banning newlines too while
at it, as those are known to create security issues in some
contexts.

=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 regards, tom lane
--00000000000094da3b0637c16dfe--