[PostGIS] #5547: postgis 3.4 not using gist index when concatinating string in st_geomfromtext
PostGIS
trac at osgeo.org
Fri Dec 1 16:18:46 PST 2023
#5547: postgis 3.4 not using gist index when concatinating string in
st_geomfromtext
-----------------------+---------------------------
Reporter: tomwlane | Owner: pramsey
Type: defect | Status: new
Priority: medium | Milestone: PostGIS 3.3.6
Component: postgis | Version: 3.4.x
Resolution: | Keywords:
-----------------------+---------------------------
Comment (by pramsey):
String concat is a great way to build SQL injection into your app, maybe
use
{{{
ST_Point(lon, lat, srid)
}}}
instead? or
{{{
ST_SetSRID(ST_MakePoint(lon, lat), srid)
}}}
--
Ticket URL: <https://trac.osgeo.org/postgis/ticket/5547#comment:6>
PostGIS <http://trac.osgeo.org/postgis/>
The PostGIS Trac is used for bug, enhancement & task tracking, a user and developer wiki, and a view into the subversion code repository of PostGIS project.
More information about the postgis-tickets
mailing list