Add checks for valid encoding of query strings passed to SPI by plperl.

adunstan · adunstan · commit 6fcd5010e273 · 2010-03-09T02:48:33.000Z
diff --git a/src/pl/plperl/plperl.c b/src/pl/plperl/plperl.c
@@ -1,7 +1,7 @@
 /**********************************************************************
  * plperl.c - perl as a procedural language for PostgreSQL
  *
- *	  $PostgreSQL: pgsql/src/pl/plperl/plperl.c,v 1.169 2010/02/26 02:01:33 momjian Exp $
+ *	  $PostgreSQL: pgsql/src/pl/plperl/plperl.c,v 1.170 2010/03/09 02:48:33 adunstan Exp $
  *
  **********************************************************************/
 
@@ -2102,6 +2102,8 @@ plperl_spi_exec(char *query, int limit)
 	{
 		int			spi_rv;
 
+		pg_verifymbstr(query, strlen(query), false);
+
 		spi_rv = SPI_execute(query, current_call_data->prodesc->fn_readonly,
 							 limit);
 		ret_hv = plperl_spi_execute_fetch_result(SPI_tuptable, SPI_processed,
@@ -2343,6 +2345,9 @@ plperl_spi_query(char *query)
 		void	   *plan;
 		Portal		portal;
 
+		/* Make sure the query is validly encoded */
+		pg_verifymbstr(query, strlen(query), false);
+
 		/* Create a cursor for the query */
 		plan = SPI_prepare(query, 0, NULL);
 		if (plan == NULL)
@@ -2549,6 +2554,9 @@ plperl_spi_prepare(char *query, int argc, SV **argv)
 			qdesc->argtypioparams[i] = typIOParam;
 		}
 
+		/* Make sure the query is validly encoded */
+		pg_verifymbstr(query, strlen(query), false);
+
 		/************************************************************
 		 * Prepare the plan and check for errors
 		 ************************************************************/
