Change PostgreSQL backend to use PQescapeStringConn

  While the PostgreSQL backend is not known to be in use anywhere we were
  using an older escaping function (PQescapeString) which does not have
  knowledge of the connection character encoding and so has potential
  problems. Switch to using PQescapeStringConn, which does have this
  knowledge.

diff --git a/keydb_pg.c b/keydb_pg.c
index 25881c0820e1c09d8992b88d6947edd0e260e274..812e5d76b1aa079777ffa58a43b579c08a966070 100644 (file)
--- a/keydb_pg.c
+++ b/keydb_pg.c
@@ -218,7 +218,7 @@ static int pg_fetch_key_text(const char *search,
 
        newsearch = malloc(strlen(search) * 2 + 1);
        memset(newsearch, 0, strlen(search) * 2 + 1);
-       PQescapeString(newsearch, search, strlen(search));
+       PQescapeStringConn(dbconn, newsearch, search, strlen(search), NULL);
        snprintf(statement, 1023,
                        "SELECT DISTINCT onak_keys.keydata FROM onak_keys, "
                        "onak_uids WHERE onak_keys.keyid = onak_uids.keyid "
@@ -408,8 +408,8 @@ static int pg_store_key(struct openpgp_publickey *publickey, bool intrans,
                        safeuid = malloc(strlen(uids[i]) * 2 + 1);
                        if (safeuid != NULL) {
                                memset(safeuid, 0, strlen(uids[i]) * 2 + 1);
-                               PQescapeString(safeuid, uids[i],
-                                               strlen(uids[i]));
+                               PQescapeStringConn(dbconn, safeuid, uids[i],
+                                               strlen(uids[i]), NULL);
 
                                snprintf(statement, 1023,
                                        "INSERT INTO onak_uids "