Found error with apostrophes in ecpg - Mailing list pgsql-interfaces

From Andreas Theofilu
Subject Found error with apostrophes in ecpg
Date
Msg-id 99091411152301.01383@theofilu
Whole thread Raw
List pgsql-interfaces
Hi,

After playing around, I've found now the error in 'libecpg.so' that
ignored a quoted apostrophe. Detailed description with correction follows:

Symptom:
You've written source with embedded SQL comands and you've translated the
source with 'ecpg' first and then compiled it with your C compiler. Then
you've started the final program and now you wan't to insert a string
into a table that contains an apostrophe. The insert command returns with
the runtime error "Too many arguments in line xxx", allthough there's no
syntax error in your code.

Problem:
'libecpg.so' contains an internal function quote_postgres() (in
ecpglib.c line 217) that quotes every apostrophe with a backslash. So far
so well. The error occures in function next_insert() (in ecpglib.c line
362). This function looks for an apostrophe and if it finds one, it
interpretes it as 'end of string'. But it does not care about a backslash
in front of the apostrophe.

Solution:

361: static char *
362: next_insert(char *text)
363: {
364:         char       *ptr = text;
365:         bool            string = false;
366:
367:         for (; *ptr != '\0' && (*ptr != '?' || string); ptr++)
368:                 if (*ptr == '\'' && *(ptr-1) != '\\')
369:                         string = string ? false : true;
370:
371:         return (*ptr == '\0') ? NULL : ptr;
372: }

Line 368 was altered by me. The original line looks like:

368:                 if (*ptr == '\'')

As you can see, the backslash is honored now.
--
Theofilu Andreas
http://members.eunet.at/theofilu
              -------------------------------------------------                          Enjoy the science of Linux!
                 Genie�e die Wissenschaft von Linux!              -------------------------------------------------
 


pgsql-interfaces by date:

Previous
From: Andreas Theofilu
Date:
Subject: Re: [INTERFACES] Still have problem with single quotation mark
Next
From: Dmitry A Brutckevich
Date:
Subject: SERIAL type in PHP