Improve behavior of libpq's quoting functions (Andres Freund, Tom Lane) § § §

The changes made for CVE-2025-1094 had one serious oversight: PQescapeLiteral() and PQescapeIdentifier() failed to honor their string length parameter, instead always reading to the input string's trailing null. This resulted in including unwanted text in the output, if the caller intended to truncate the string via the length parameter. With very bad luck it could cause a crash due to reading off the end of memory.

In addition, modify all these quoting functions so that when invalid encoding is detected, an invalid sequence is substituted for just the first byte of the presumed character, not all of it. This reduces the risk of problems if a calling application performs additional processing on the quoted string.

Fix small memory leak in pg_createsubscriber (Ranier Vilela) §

Fix meson build system to correctly detect availability of the bsd_auth.h system header (Nazir Bilal Yavuz) §