From 6fcd5010e27348541a16a164988ef6a8a8ad9bcc Mon Sep 17 00:00:00 2001
From: Andrew Dunstan <andrew@dunslane.net>
Date: Tue, 9 Mar 2010 02:48:33 +0000
Subject: [PATCH] Add checks for valid encoding of query strings passed to SPI
 by plperl.

---
 src/pl/plperl/plperl.c | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/src/pl/plperl/plperl.c b/src/pl/plperl/plperl.c
index 449b283462e..08e88838c8a 100644
--- a/src/pl/plperl/plperl.c
+++ b/src/pl/plperl/plperl.c
@@ -1,7 +1,7 @@
 /**********************************************************************
  * plperl.c - perl as a procedural language for PostgreSQL
  *
- *	  $PostgreSQL: pgsql/src/pl/plperl/plperl.c,v 1.169 2010/02/26 02:01:33 momjian Exp $
+ *	  $PostgreSQL: pgsql/src/pl/plperl/plperl.c,v 1.170 2010/03/09 02:48:33 adunstan Exp $
  *
  **********************************************************************/
 
@@ -2102,6 +2102,8 @@ plperl_spi_exec(char *query, int limit)
 	{
 		int			spi_rv;
 
+		pg_verifymbstr(query, strlen(query), false);
+
 		spi_rv = SPI_execute(query, current_call_data->prodesc->fn_readonly,
 							 limit);
 		ret_hv = plperl_spi_execute_fetch_result(SPI_tuptable, SPI_processed,
@@ -2343,6 +2345,9 @@ plperl_spi_query(char *query)
 		void	   *plan;
 		Portal		portal;
 
+		/* Make sure the query is validly encoded */
+		pg_verifymbstr(query, strlen(query), false);
+
 		/* Create a cursor for the query */
 		plan = SPI_prepare(query, 0, NULL);
 		if (plan == NULL)
@@ -2549,6 +2554,9 @@ plperl_spi_prepare(char *query, int argc, SV **argv)
 			qdesc->argtypioparams[i] = typIOParam;
 		}
 
+		/* Make sure the query is validly encoded */
+		pg_verifymbstr(query, strlen(query), false);
+
 		/************************************************************
 		 * Prepare the plan and check for errors
 		 ************************************************************/
-- 
GitLab