You are viewing a plain text version of this content. The canonical link for it is here.

Posted to derby-dev@db.apache.org by "Knut Anders Hatlen (JIRA)" <ji...@apache.org> on 2010/05/12 12:28:41 UTC

[jira] Created: (DERBY-4654) Restriction.toSQL() doesn't escape special characters

Restriction.toSQL() doesn't escape special characters
-----------------------------------------------------

                 Key: DERBY-4654
                 URL: https://issues.apache.org/jira/browse/DERBY-4654
             Project: Derby
          Issue Type: Bug
          Components: SQL
    Affects Versions: 10.6.1.0
            Reporter: Knut Anders Hatlen
            Priority: Minor


org.apache.derby.vti.Restriction.toSQL() adds double quotes around column names, but it does not escape the special characters (like double quotes) in the column names, so the returned string may not be valid SQL. This could cause problems when using the restriction to generate a query against an external database.

Restriction.doubleQuote() should use IdUtil.normalToDelimited() to get proper quoting of the names.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

[jira] Assigned: (DERBY-4654) Restriction.toSQL() doesn't escape special characters

Posted by "Knut Anders Hatlen (JIRA)" <ji...@apache.org>.

     [ https://issues.apache.org/jira/browse/DERBY-4654?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Knut Anders Hatlen reassigned DERBY-4654:
-----------------------------------------

    Assignee: Knut Anders Hatlen

> Restriction.toSQL() doesn't escape special characters
> -----------------------------------------------------
>
>                 Key: DERBY-4654
>                 URL: https://issues.apache.org/jira/browse/DERBY-4654
>             Project: Derby
>          Issue Type: Bug
>          Components: SQL
>    Affects Versions: 10.6.1.0
>            Reporter: Knut Anders Hatlen
>            Assignee: Knut Anders Hatlen
>            Priority: Minor
>
> org.apache.derby.vti.Restriction.toSQL() adds double quotes around column names, but it does not escape the special characters (like double quotes) in the column names, so the returned string may not be valid SQL. This could cause problems when using the restriction to generate a query against an external database.
> Restriction.doubleQuote() should use IdUtil.normalToDelimited() to get proper quoting of the names.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

[jira] Updated: (DERBY-4654) Restriction.toSQL() doesn't escape special characters

Posted by "Knut Anders Hatlen (JIRA)" <ji...@apache.org>.

     [ https://issues.apache.org/jira/browse/DERBY-4654?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Knut Anders Hatlen updated DERBY-4654:
--------------------------------------

    Issue & fix info: [Patch Available]

All the regression tests passed.

> Restriction.toSQL() doesn't escape special characters
> -----------------------------------------------------
>
>                 Key: DERBY-4654
>                 URL: https://issues.apache.org/jira/browse/DERBY-4654
>             Project: Derby
>          Issue Type: Bug
>          Components: SQL
>    Affects Versions: 10.6.1.0
>            Reporter: Knut Anders Hatlen
>            Assignee: Knut Anders Hatlen
>            Priority: Minor
>         Attachments: derby-4654.diff
>
>
> org.apache.derby.vti.Restriction.toSQL() adds double quotes around column names, but it does not escape the special characters (like double quotes) in the column names, so the returned string may not be valid SQL. This could cause problems when using the restriction to generate a query against an external database.
> Restriction.doubleQuote() should use IdUtil.normalToDelimited() to get proper quoting of the names.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

[jira] Closed: (DERBY-4654) Restriction.toSQL() doesn't escape special characters

Posted by "Knut Anders Hatlen (JIRA)" <ji...@apache.org>.

     [ https://issues.apache.org/jira/browse/DERBY-4654?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Knut Anders Hatlen closed DERBY-4654.
-------------------------------------

    Issue & fix info:   (was: [Patch Available])
       Fix Version/s: 10.6.1.1
                      10.7.0.0
          Resolution: Fixed

Merged to 10.6 and committed revision 944159.

> Restriction.toSQL() doesn't escape special characters
> -----------------------------------------------------
>
>                 Key: DERBY-4654
>                 URL: https://issues.apache.org/jira/browse/DERBY-4654
>             Project: Derby
>          Issue Type: Bug
>          Components: SQL
>    Affects Versions: 10.6.1.0
>            Reporter: Knut Anders Hatlen
>            Assignee: Knut Anders Hatlen
>            Priority: Minor
>             Fix For: 10.6.1.1, 10.7.0.0
>
>         Attachments: derby-4654-2.diff, derby-4654.diff
>
>
> org.apache.derby.vti.Restriction.toSQL() adds double quotes around column names, but it does not escape the special characters (like double quotes) in the column names, so the returned string may not be valid SQL. This could cause problems when using the restriction to generate a query against an external database.
> Restriction.doubleQuote() should use IdUtil.normalToDelimited() to get proper quoting of the names.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

[jira] Updated: (DERBY-4654) Restriction.toSQL() doesn't escape special characters

Posted by "Knut Anders Hatlen (JIRA)" <ji...@apache.org>.

     [ https://issues.apache.org/jira/browse/DERBY-4654?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Knut Anders Hatlen updated DERBY-4654:
--------------------------------------

    Attachment: derby-4654-2.diff

The new test for DERBY-4651 conflicted with the test in the patch for this issue. Uploading a new patch with an updated test.

Committed revision 944152.

> Restriction.toSQL() doesn't escape special characters
> -----------------------------------------------------
>
>                 Key: DERBY-4654
>                 URL: https://issues.apache.org/jira/browse/DERBY-4654
>             Project: Derby
>          Issue Type: Bug
>          Components: SQL
>    Affects Versions: 10.6.1.0
>            Reporter: Knut Anders Hatlen
>            Assignee: Knut Anders Hatlen
>            Priority: Minor
>         Attachments: derby-4654-2.diff, derby-4654.diff
>
>
> org.apache.derby.vti.Restriction.toSQL() adds double quotes around column names, but it does not escape the special characters (like double quotes) in the column names, so the returned string may not be valid SQL. This could cause problems when using the restriction to generate a query against an external database.
> Restriction.doubleQuote() should use IdUtil.normalToDelimited() to get proper quoting of the names.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

[jira] Updated: (DERBY-4654) Restriction.toSQL() doesn't escape special characters

Posted by "Knut Anders Hatlen (JIRA)" <ji...@apache.org>.

     [ https://issues.apache.org/jira/browse/DERBY-4654?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Knut Anders Hatlen updated DERBY-4654:
--------------------------------------

    Attachment: derby-4654.diff

Attaching a patch with a test case that tests whether the returned restriction can be put into the WHERE clause of a SELECT statement. The patch also makes Restriction use the helper method in IdUtil to quote the string, and that makes the test case pass.

Running regression tests now.

> Restriction.toSQL() doesn't escape special characters
> -----------------------------------------------------
>
>                 Key: DERBY-4654
>                 URL: https://issues.apache.org/jira/browse/DERBY-4654
>             Project: Derby
>          Issue Type: Bug
>          Components: SQL
>    Affects Versions: 10.6.1.0
>            Reporter: Knut Anders Hatlen
>            Assignee: Knut Anders Hatlen
>            Priority: Minor
>         Attachments: derby-4654.diff
>
>
> org.apache.derby.vti.Restriction.toSQL() adds double quotes around column names, but it does not escape the special characters (like double quotes) in the column names, so the returned string may not be valid SQL. This could cause problems when using the restriction to generate a query against an external database.
> Restriction.doubleQuote() should use IdUtil.normalToDelimited() to get proper quoting of the names.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.