comparison src/main/java/org/monetdb/jdbc/MonetWrapper.java @ 965:8aaa9964359a

Fix missing escaping of single back slashes in string data provided to PreparedStatement methods setString(), setClob(), setObject() and setURL(). Also corrected and extended test Test_PSsetBytes.
author Martin van Dinther <martin.van.dinther@monetdbsolutions.com>
date Wed, 12 Feb 2025 21:53:06 +0100 (2 months ago)
parents d416e9b6b3d0
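--- a/src/main/java/org/monetdb/jdbc/MonetWrapper.java
+++ b/src/main/java/org/monetdb/jdbc/MonetWrapper.java
@@ -106,15 +106,15 @@
 * @param in the string to quote
 * @return the double quoted string
 */
 public static final String dq(final String in) {
 String ret = in;
-if (ret.contains("\\\\"))
-// all double slashes in input need to be escaped.
+if (ret.indexOf('\\') >= 0)
+// every back slash in input needs to be escaped.
 ret = ret.replaceAll("\\\\", "\\\\\\\\");
-if (ret.contains("\""))
-// all double quotes in input need to be escaped.
+if (ret.indexOf('"') >= 0)
+// every double quote in input needs to be escaped.
 ret = ret.replaceAll("\"", "\\\\\"");
 return "\"" + ret + "\"";
 }
 
 /**
@@ -126,14 +126,14 @@
 * @param in the string to quote
 * @return the single quoted string
 */
 public static final String sq(final String in) {
 String ret = in;
-if (ret.contains("\\\\"))
-// all double slashes in input need to be escaped.
+if (ret.indexOf('\\') >= 0)
+// every back slash in input needs to be escaped.
 ret = ret.replaceAll("\\\\", "\\\\\\\\");
-if (ret.contains("'"))
-// all single quotes in input need to be escaped.
+if (ret.indexOf('\'') >= 0)
+// every single quote in input needs to be escaped.
 ret = ret.replaceAll("'", "\\\\'");
 return "'" + ret + "'";
 }
 }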
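Review bot: In `sq()` the single quote is still escaped as `\'`, which only closes the injection gap while the server parses backslash escapes inside string literals. If a server or session treats literals as raw strings (not visible from this file), `\'` would end the literal early and the doubled backslashes would alter the stored data. The Javadoc of `sq()` and `dq()` (which begins outside the hunk) should state that assumption, and quote doubling is the standard-SQL form to consider: `ret = ret.replace("'", "''");`. Separately, the guard that was just fixed went wrong because the literal `contains("\\\\")` was written like the regex in `replaceAll("\\\\", ...)`. Switching both helpers to the literal `String.replace`, e.g. `ret = ret.replace("\\", "\\\\");`, removes the regex layer and makes the `indexOf` pre-checks unnecessary.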