You are viewing a plain text version of this content. The canonical link for it is here.
Posted to derby-dev@db.apache.org by "Knut Anders Hatlen (JIRA)" <ji...@apache.org> on 2008/05/21 11:03:55 UTC
[jira] Created: (DERBY-3682) SYSCS_BULK_INSERT doesn't quote
identifiers or strings properly
SYSCS_BULK_INSERT doesn't quote identifiers or strings properly
---------------------------------------------------------------
Key: DERBY-3682
URL: https://issues.apache.org/jira/browse/DERBY-3682
Project: Derby
Issue Type: Bug
Components: SQL
Affects Versions: 10.4.1.3
Reporter: Knut Anders Hatlen
Assignee: Knut Anders Hatlen
Priority: Minor
Discovered by Mamta A. Satoor in DERBY-1062.
SYSCS_BULK_INSERT builds an insert statement in which it doesn't quote the schema name or the table name. It also takes string parameters that are inserted into the statement text with single quotes around them, but that won't work if those strings contain single quote characters.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (DERBY-3682) SYSCS_BULK_INSERT doesn't quote
identifiers or strings properly
Posted by "Dag H. Wanvik (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DERBY-3682?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12599410#action_12599410 ]
Dag H. Wanvik commented on DERBY-3682:
--------------------------------------
Changes look good to me. Nice that we now have a well defined place for the quoting/unquoting code!
I guess the JDBC#escape code could/should be generalized to work for strings as well as identifiers.
+1
> SYSCS_BULK_INSERT doesn't quote identifiers or strings properly
> ---------------------------------------------------------------
>
> Key: DERBY-3682
> URL: https://issues.apache.org/jira/browse/DERBY-3682
> Project: Derby
> Issue Type: Bug
> Components: SQL
> Affects Versions: 10.4.1.3
> Reporter: Knut Anders Hatlen
> Assignee: Knut Anders Hatlen
> Priority: Minor
> Attachments: d3682.diff, d3682a.diff
>
>
> Discovered by Mamta A. Satoor in DERBY-1062.
> SYSCS_BULK_INSERT builds an insert statement in which it doesn't quote the schema name or the table name. It also takes string parameters that are inserted into the statement text with single quotes around them, but that won't work if those strings contain single quote characters.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (DERBY-3682) SYSCS_BULK_INSERT doesn't quote
identifiers or strings properly
Posted by "Knut Anders Hatlen (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DERBY-3682?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Knut Anders Hatlen updated DERBY-3682:
--------------------------------------
Attachment: d3682a.diff
Attaching an updated patch (d3682a). It's basically the same as the previous patch, except that it uses utility functions from IdUtil and StringUtil. All tests passed.
> SYSCS_BULK_INSERT doesn't quote identifiers or strings properly
> ---------------------------------------------------------------
>
> Key: DERBY-3682
> URL: https://issues.apache.org/jira/browse/DERBY-3682
> Project: Derby
> Issue Type: Bug
> Components: SQL
> Affects Versions: 10.4.1.3
> Reporter: Knut Anders Hatlen
> Assignee: Knut Anders Hatlen
> Priority: Minor
> Attachments: d3682.diff, d3682a.diff
>
>
> Discovered by Mamta A. Satoor in DERBY-1062.
> SYSCS_BULK_INSERT builds an insert statement in which it doesn't quote the schema name or the table name. It also takes string parameters that are inserted into the statement text with single quotes around them, but that won't work if those strings contain single quote characters.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (DERBY-3682) SYSCS_BULK_INSERT doesn't quote
identifiers or strings properly
Posted by "Knut Anders Hatlen (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DERBY-3682?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Knut Anders Hatlen updated DERBY-3682:
--------------------------------------
Attachment: d3682.diff
The attached patch fixes the missing escaping of identifiers and literals. I also modified VTITest so that it runs the bulk insert test with a table whose name contains " and '.
Ideally, the SYSCS_BULK_INSERT procedure should have used question marks and setString() instead of manually escaped string literals in the SQL text it built, but the parameters to the Warehouse VTI used in VTITest are required at compile time, and the test therefore failed if the statement was parametrized.
I have started the regression tests.
> SYSCS_BULK_INSERT doesn't quote identifiers or strings properly
> ---------------------------------------------------------------
>
> Key: DERBY-3682
> URL: https://issues.apache.org/jira/browse/DERBY-3682
> Project: Derby
> Issue Type: Bug
> Components: SQL
> Affects Versions: 10.4.1.3
> Reporter: Knut Anders Hatlen
> Assignee: Knut Anders Hatlen
> Priority: Minor
> Attachments: d3682.diff
>
>
> Discovered by Mamta A. Satoor in DERBY-1062.
> SYSCS_BULK_INSERT builds an insert statement in which it doesn't quote the schema name or the table name. It also takes string parameters that are inserted into the statement text with single quotes around them, but that won't work if those strings contain single quote characters.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (DERBY-3682) SYSCS_BULK_INSERT doesn't quote
identifiers or strings properly
Posted by "Knut Anders Hatlen (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DERBY-3682?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Knut Anders Hatlen updated DERBY-3682:
--------------------------------------
Derby Info: [Patch Available]
> SYSCS_BULK_INSERT doesn't quote identifiers or strings properly
> ---------------------------------------------------------------
>
> Key: DERBY-3682
> URL: https://issues.apache.org/jira/browse/DERBY-3682
> Project: Derby
> Issue Type: Bug
> Components: SQL
> Affects Versions: 10.4.1.3
> Reporter: Knut Anders Hatlen
> Assignee: Knut Anders Hatlen
> Priority: Minor
> Attachments: d3682.diff, d3682a.diff
>
>
> Discovered by Mamta A. Satoor in DERBY-1062.
> SYSCS_BULK_INSERT builds an insert statement in which it doesn't quote the schema name or the table name. It also takes string parameters that are inserted into the statement text with single quotes around them, but that won't work if those strings contain single quote characters.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (DERBY-3682) SYSCS_BULK_INSERT doesn't quote
identifiers or strings properly
Posted by "Knut Anders Hatlen (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DERBY-3682?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12598940#action_12598940 ]
Knut Anders Hatlen commented on DERBY-3682:
-------------------------------------------
The tests passed, but I'll upload a new patch since we should use shared code in IdUtil/StringUtil to quote the strings and identifiers instead of having a private implementation in SystemProcedures.
> SYSCS_BULK_INSERT doesn't quote identifiers or strings properly
> ---------------------------------------------------------------
>
> Key: DERBY-3682
> URL: https://issues.apache.org/jira/browse/DERBY-3682
> Project: Derby
> Issue Type: Bug
> Components: SQL
> Affects Versions: 10.4.1.3
> Reporter: Knut Anders Hatlen
> Assignee: Knut Anders Hatlen
> Priority: Minor
> Attachments: d3682.diff
>
>
> Discovered by Mamta A. Satoor in DERBY-1062.
> SYSCS_BULK_INSERT builds an insert statement in which it doesn't quote the schema name or the table name. It also takes string parameters that are inserted into the statement text with single quotes around them, but that won't work if those strings contain single quote characters.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Closed: (DERBY-3682) SYSCS_BULK_INSERT doesn't quote
identifiers or strings properly
Posted by "Knut Anders Hatlen (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DERBY-3682?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Knut Anders Hatlen closed DERBY-3682.
-------------------------------------
Resolution: Fixed
Fix Version/s: 10.5.0.0
Derby Info: (was: [Patch Available])
Thanks for reviewing the patch Dag. Committed revision 660153.
I guess JDBC.escape() could also be generalized, but tests which have these strings that need special escaping tend to use parameter markers and setString() instead. And if the tests are specialized in order to check that the parser handles the strings correctly, the full statement text is normally hand-crafted in the test.
> SYSCS_BULK_INSERT doesn't quote identifiers or strings properly
> ---------------------------------------------------------------
>
> Key: DERBY-3682
> URL: https://issues.apache.org/jira/browse/DERBY-3682
> Project: Derby
> Issue Type: Bug
> Components: SQL
> Affects Versions: 10.4.1.3
> Reporter: Knut Anders Hatlen
> Assignee: Knut Anders Hatlen
> Priority: Minor
> Fix For: 10.5.0.0
>
> Attachments: d3682.diff, d3682a.diff
>
>
> Discovered by Mamta A. Satoor in DERBY-1062.
> SYSCS_BULK_INSERT builds an insert statement in which it doesn't quote the schema name or the table name. It also takes string parameters that are inserted into the statement text with single quotes around them, but that won't work if those strings contain single quote characters.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (DERBY-3682) SYSCS_BULK_INSERT doesn't quote
identifiers or strings properly
Posted by "Bryan Pendleton (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/DERBY-3682?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12600240#action_12600240 ]
Bryan Pendleton commented on DERBY-3682:
----------------------------------------
The patch looks good to me, too. Thanks for taking the time to ensure that
we have a common routine to handle the quote processing.
> SYSCS_BULK_INSERT doesn't quote identifiers or strings properly
> ---------------------------------------------------------------
>
> Key: DERBY-3682
> URL: https://issues.apache.org/jira/browse/DERBY-3682
> Project: Derby
> Issue Type: Bug
> Components: SQL
> Affects Versions: 10.4.1.3
> Reporter: Knut Anders Hatlen
> Assignee: Knut Anders Hatlen
> Priority: Minor
> Fix For: 10.5.0.0
>
> Attachments: d3682.diff, d3682a.diff
>
>
> Discovered by Mamta A. Satoor in DERBY-1062.
> SYSCS_BULK_INSERT builds an insert statement in which it doesn't quote the schema name or the table name. It also takes string parameters that are inserted into the statement text with single quotes around them, but that won't work if those strings contain single quote characters.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.