Avoid premature de-doubling of quote marks in ECPG strings.

If you write the literal 'abc''def' in an EXEC SQL command, that will come out the other end as 'abc'def', triggering a syntax error in the backend. Likewise, "abc""def" is reduced to "abc"def" which is wrong syntax for a quoted identifier. The cause is that the lexer thinks it should emit just one quote mark, whereas what it really should do is keep the string as-is. Add some docs and test cases, too. Although this seems clearly a bug, I fear users wouldn't appreciate changing it in minor releases. Some may well be working around it by applying an extra doubling of affected quotes, as for example sql/dyntest.pgc has been doing. Per investigation of a report from 1250kv, although this isn't exactly what he/she was on about. Discussion: https://postgr.es/m/673825.1603223178@sss.pgh.pa.us
2025-07-30 11:03:19 +03:00 · 2020-10-22 17:34:32 -04:00
parent 8bb0c9770e
commit 3dfb1942d9
7 changed files with 28 additions and 20 deletions
--- a/doc/src/sgml/ecpg.sgml
+++ b/doc/src/sgml/ecpg.sgml
@ -31,7 +31,7 @@
   specially marked sections.  To build the program, the source code (<filename>*.pgc</filename>)
   is first passed through the embedded SQL preprocessor, which converts it
   to an ordinary C program (<filename>*.c</filename>), and afterwards it can be processed by a C
-   compiler.  (For details about the compiling and linking see <xref linkend="ecpg-process"/>).
+   compiler.  (For details about the compiling and linking see <xref linkend="ecpg-process"/>.)
   Converted ECPG applications call functions in the libpq library
   through the embedded SQL library (ecpglib), and communicate with
   the PostgreSQL server using the normal frontend-backend protocol.
@ -63,11 +63,22 @@ EXEC SQL ...;
 </programlisting>
   These statements syntactically take the place of a C statement.
   Depending on the particular statement, they can appear at the
-   global level or within a function.  Embedded
+   global level or within a function.
+  </para>
+
+  <para>
+   Embedded
   <acronym>SQL</acronym> statements follow the case-sensitivity rules of
   normal <acronym>SQL</acronym> code, and not those of C. Also they allow nested
-   C-style comments that are part of the SQL standard. The C part of the
+   C-style comments as per the SQL standard. The C part of the
   program, however, follows the C standard of not accepting nested comments.
+   Embedded <acronym>SQL</acronym> statements likewise use SQL rules, not
+   C rules, for parsing quoted strings and identifiers.
+   (See <xref linkend="sql-syntax-strings"/> and
+   <xref linkend="sql-syntax-identifiers"/> respectively.  Note that
+   ECPG assumes that <varname>standard_conforming_strings</varname>
+   is <literal>on</literal>.)
+   Of course, the C part of the program follows C quoting rules.
  </para>

  <para>