Fix xmlattribute escaping XML special characters twice (bug #4822).

Author: Itagaki Takahiro <itagaki.takahiro@oss.ntt.co.jp>

diff --git a/src/backend/executor/execQual.c b/src/backend/executor/execQual.c
index 870b3213c601913f916f5192734a15dae65ffb25..3baad1e2455f396787905593652c0b53ea12045f 100644 (file)
--- a/src/backend/executor/execQual.c
+++ b/src/backend/executor/execQual.c
@@ -3243,7 +3243,7 @@ ExecEvalXml(XmlExprState *xmlExpr, ExprContext *econtext,
                                {
                                        appendStringInfo(&buf, "<%s>%s</%s>",
                                                                         argname,
-                                                                        map_sql_value_to_xml_value(value, exprType((Node *) e->expr)),
+                                                                        map_sql_value_to_xml_value(value, exprType((Node *) e->expr), true),
                                                                         argname);
                                        *isNull = false;
                                }

diff --git a/src/backend/utils/adt/xml.c b/src/backend/utils/adt/xml.c
index 8f9ad5106ad7194cfcbab4734669c3f6f4918af4..f6292b913772cb0a1e54ae99d78928bb794310e5 100644 (file)
--- a/src/backend/utils/adt/xml.c
+++ b/src/backend/utils/adt/xml.c
@@ -569,7 +569,7 @@ xmlelement(XmlExprState *xmlExpr, ExprContext *econtext)
                if (isnull)
                        str = NULL;
                else
-                       str = map_sql_value_to_xml_value(value, exprType((Node *) e->expr));
+                       str = map_sql_value_to_xml_value(value, exprType((Node *) e->expr), false);
                named_arg_strings = lappend(named_arg_strings, str);
                i++;
        }
@@ -587,7 +587,7 @@ xmlelement(XmlExprState *xmlExpr, ExprContext *econtext)
                if (!isnull)
                {
                        str = map_sql_value_to_xml_value(value,
-                                                                                        exprType((Node *) e->expr));
+                                                                                        exprType((Node *) e->expr), true);
                        arg_strings = lappend(arg_strings, str);
                }
        }
@@ -1580,9 +1580,18 @@ map_xml_name_to_sql_identifier(char *name)
 
 /*
  * Map SQL value to XML value; see SQL/XML:2003 section 9.16.
+ *
+ * When xml_escape_strings is true, then certain characters in string
+ * values are replaced by entity references (< etc.), as specified
+ * in SQL/XML:2003 section 9.16 GR 8) ii).  This is normally what is
+ * wanted.  The false case is mainly useful when the resulting value
+ * is used with xmlTextWriterWriteAttribute() to write out an
+ * attribute, because that function does the escaping itself.  The SQL
+ * standard of 2003 is somewhat buggy in this regard, so we do our
+ * best to make sense.
  */
 char *
-map_sql_value_to_xml_value(Datum value, Oid type)
+map_sql_value_to_xml_value(Datum value, Oid type, bool xml_escape_strings)
 {
        StringInfoData buf;
 
@@ -1616,7 +1625,7 @@ map_sql_value_to_xml_value(Datum value, Oid type)
                        appendStringInfoString(&buf, "<element>");
                        appendStringInfoString(&buf,
                                                                   map_sql_value_to_xml_value(elem_values[i],
-                                                                                                                         elmtype));
+                                                                                                                         elmtype, true));
                        appendStringInfoString(&buf, "</element>");
                }
 
@@ -1774,8 +1783,8 @@ map_sql_value_to_xml_value(Datum value, Oid type)
                getTypeOutputInfo(type, &typeOut, &isvarlena);
                str = OidOutputFunctionCall(typeOut, value);
 
-               /* ... exactly as-is for XML */
-               if (type == XMLOID)
+               /* ... exactly as-is for XML, and when escaping is not wanted */
+               if (type == XMLOID || !xml_escape_strings)
                        return str;
 
                /* otherwise, translate special characters as needed */
@@ -3183,7 +3192,7 @@ SPI_sql_row_to_xmlelement(int rownum, StringInfo result, char *tablename,
                        appendStringInfo(result, "  <%s>%s</%s>\n",
                                                         colname,
                                                         map_sql_value_to_xml_value(colval,
-                                                                       SPI_gettypeid(SPI_tuptable->tupdesc, i)),
+                                                               SPI_gettypeid(SPI_tuptable->tupdesc, i), true),
                                                         colname);
        }
 

diff --git a/src/include/utils/xml.h b/src/include/utils/xml.h
index 636b55a16bd42ae8b9b6449610a4c8c46cf4c9e5..ebebfc931471d886bae55f997a83a7a2bbb3457b 100644 (file)
--- a/src/include/utils/xml.h
+++ b/src/include/utils/xml.h
@@ -73,7 +73,7 @@ extern text *xmltotext_with_xmloption(xmltype *data, XmlOptionType xmloption_arg
 
 extern char *map_sql_identifier_to_xml_name(char *ident, bool fully_escaped, bool escape_period);
 extern char *map_xml_name_to_sql_identifier(char *name);
-extern char *map_sql_value_to_xml_value(Datum value, Oid type);
+extern char *map_sql_value_to_xml_value(Datum value, Oid type, bool xml_escape_strings);
 
 typedef enum
 {

diff --git a/src/test/regress/expected/xml.out b/src/test/regress/expected/xml.out
index 30b332aeccafd0e3de01a9eea35519c29f098323..ecca5896a70c2afe483e936a3b6eb2eb334881b4 100644 (file)
--- a/src/test/regress/expected/xml.out
+++ b/src/test/regress/expected/xml.out
@@ -188,6 +188,12 @@ SELECT xmlelement(name foo, xmlattributes('2009-04-09 00:24:37'::timestamp as ba
 SELECT xmlelement(name foo, xmlattributes('infinity'::timestamp as bar));
 ERROR:  timestamp out of range
 DETAIL:  XML does not support infinite timestamp values.
+SELECT xmlelement(name foo, xmlattributes('<>&"''' as funny, xml 'b<a/>r' as funnier));
+                         xmlelement                         
+------------------------------------------------------------
+ <foo funny="&lt;&gt;&amp;&quot;'" funnier="b&lt;a/&gt;r"/>
+(1 row)
+
 SELECT xmlparse(content 'abc');
  xmlparse 
 ----------

diff --git a/src/test/regress/expected/xml_1.out b/src/test/regress/expected/xml_1.out
index c8eb1e425e2c21fde0daba13c4cdd68cd2ef2cab..d542b0689a9dbc386bfb8c57237d923224488383 100644 (file)
--- a/src/test/regress/expected/xml_1.out
+++ b/src/test/regress/expected/xml_1.out
@@ -160,6 +160,10 @@ SELECT xmlelement(name foo, xmlattributes('infinity'::timestamp as bar));
 ERROR:  unsupported XML feature
 DETAIL:  This functionality requires the server to be built with libxml support.
 HINT:  You need to rebuild PostgreSQL using --with-libxml.
+SELECT xmlelement(name foo, xmlattributes('<>&"''' as funny, xml 'b<a/>r' as funnier));
+ERROR:  unsupported XML feature
+DETAIL:  This functionality requires the server to be built with libxml support.
+HINT:  You need to rebuild PostgreSQL using --with-libxml.
 SELECT xmlparse(content 'abc');
 ERROR:  unsupported XML feature
 DETAIL:  This functionality requires the server to be built with libxml support.

diff --git a/src/test/regress/sql/xml.sql b/src/test/regress/sql/xml.sql
index 50550aaa3583baaa572c1bec27afa150fd7fc720..086eedd27004edde15ab540280b3469dde846692 100644 (file)
--- a/src/test/regress/sql/xml.sql
+++ b/src/test/regress/sql/xml.sql
@@ -57,6 +57,7 @@ SELECT xmlelement(name foo, bytea 'bar');
 SELECT xmlelement(name foo, xmlattributes(true as bar));
 SELECT xmlelement(name foo, xmlattributes('2009-04-09 00:24:37'::timestamp as bar));
 SELECT xmlelement(name foo, xmlattributes('infinity'::timestamp as bar));
+SELECT xmlelement(name foo, xmlattributes('<>&"''' as funny, xml 'b<a/>r' as funnier));
 
 
 SELECT xmlparse(content 'abc');