Skip site navigation (1) Skip section navigation (2)

Found error with apostrophes in ecpg

From: Andreas Theofilu <theofilu(at)eunet(dot)at>
To: pgsql-interfaces(at)postgreSQL(dot)org
Cc: meskes(at)debian(dot)org
Subject: Found error with apostrophes in ecpg
Date: 1999-09-14 08:34:38
Message-ID: 99091411152301.01383@theofilu (view raw or flat)
Thread:
Lists: pgsql-interfaces
Hi,

After playing around, I've found now the error in 'libecpg.so' that
ignored a quoted apostrophe. Detailed description with correction follows:

Symptom:
You've written source with embedded SQL comands and you've translated the
source with 'ecpg' first and then compiled it with your C compiler. Then
you've started the final program and now you wan't to insert a string
into a table that contains an apostrophe. The insert command returns with
the runtime error "Too many arguments in line xxx", allthough there's no
syntax error in your code.

Problem:
'libecpg.so' contains an internal function quote_postgres() (in
ecpglib.c line 217) that quotes every apostrophe with a backslash. So far
so well. The error occures in function next_insert() (in ecpglib.c line
362). This function looks for an apostrophe and if it finds one, it
interpretes it as 'end of string'. But it does not care about a backslash
in front of the apostrophe.

Solution:

361: static char *
362: next_insert(char *text)
363: {
364:         char       *ptr = text;
365:         bool            string = false;
366:
367:         for (; *ptr != '\0' && (*ptr != '?' || string); ptr++)
368:                 if (*ptr == '\'' && *(ptr-1) != '\\')
369:                         string = string ? false : true;
370:
371:         return (*ptr == '\0') ? NULL : ptr;
372: }

Line 368 was altered by me. The original line looks like:

368:                 if (*ptr == '\'')

As you can see, the backslash is honored now.
--
Theofilu Andreas
http://members.eunet.at/theofilu

               -------------------------------------------------
                           Enjoy the science of Linux!
                       Geniee die Wissenschaft von Linux!
               -------------------------------------------------

pgsql-interfaces by date

Next:From: Dmitry A BrutckevichDate: 1999-09-14 09:17:41
Subject: SERIAL type in PHP
Previous:From: Andreas TheofiluDate: 1999-09-14 05:47:24
Subject: Re: [INTERFACES] Still have problem with single quotation mark

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group