Collected from the PG bugs email list.
|OS||Docker alpine edge|
Body of first available message related to this bug follows.
The following bug has been logged on the website: Bug reference: 16282 Logged by: RekGRpth Email address: (redacted) PostgreSQL version: 12.2 Operating system: Docker alpine edge Description: To avoid sql-injections at identifiers I suggest to create new IDOID type for PQexecParams (and others libpq) and SPI_execute_with_args (and other spi) that will bw worked as %I in format command. Now I need use PQescapeIdentifier for libpq and quote_identifier for spi, but with new IDOID type I can transfrer identifiers wia args with this type!
|2020-02-28 08:00:33+00||PG Bug reporting form||BUG #16282: Avoid sql-injections at identifiers|