On 26.08.21 06:52, David G. Johnston wrote:
On Wednesday, August 25, 2021, Christophe Pettus <xof@xxxxxxxxxxxx
<mailto:xof@xxxxxxxxxxxx>> wrote:
lower() and unaccent() (and most string functions) are not marked as
leakproof. Is this due to possible locale / character encoding
errors they might encounter?
I think you are partially correct. Its due to the fact that error
messages, regardless of the root cause, result in the printing of the
input value in the error message as context, thus exists a leak via a
violation of “ It reveals no information about its arguments other than
by its return value. ”
I think if you trace the code, you might find that lower() and upper()
can't really leak anything. It might be worth taking a careful look and
possibly lifting this restriction.
