SQL injection vulnerabilities in PostgreSQL
Posted Jun 1, 2006 8:15 UTC (Thu) by nim-nim
Parent article: SQL injection vulnerabilities in PostgreSQL
Both of these problems would have been avoided if there was a development culture where i18n is not an afterthought and software writers validated their code with something else that english ASCII.
The year-2000 bug was a joke, the we've-developped-in-english-ascii-then-turned-i18n-on bug will continue striking for years.
And the worst part people are writing code *today* which assumes one char=one byte, and language=english. Even with a clear example of the consequences of this attitude your article manages to completely skip over this aspect.
i18n is *not* a translator problem.
(Another example of the way our software culture is profoundly conservative is the way GUI writers still think in terms of pixels and 75/96 dpi screens, while Dell and friends are maddly shipping whidescreen LCDs.)
to post comments)