Peter Eisentraut <peter.eisentraut@xxxxxxxxxxxxxxxx> writes: > On 26.08.21 06:52, David G. Johnston wrote: >> On Wednesday, August 25, 2021, Christophe Pettus <xof@xxxxxxxxxxxx >> <mailto:xof@xxxxxxxxxxxx>> wrote: >>> lower() and unaccent() (and most string functions) are not marked as >>> leakproof. Is this due to possible locale / character encoding >>> errors they might encounter? > I think if you trace the code, you might find that lower() and upper() > can't really leak anything. It might be worth taking a careful look and > possibly lifting this restriction. Generally speaking, we've been resistant to marking anything leakproof unless it has a very small code footprint that can be easily audited. In particular, anything that shares a lot of infrastructure with not-leakproof functions seems quite hazardous. Even if you go through the code and convince yourself that it's OK today, innocent changes to the shared infrastructure could break the leakproofness tomorrow. regards, tom lane
