Bug #11498 The com.mysql.jdbc.EscapeTokenizer class doesn't match " ans ' (value quotes)
Submitted: 22 Jun 2005 13:30 Modified: 18 Oct 2005 22:32
Reporter: F S
Status: Closed
Category:Connector/J Severity:S3 (Non-critical)
Version:ALL OS:Any (ANY)
Assigned to: Reggie Burnett Target Version:

[22 Jun 2005 13:30] F S 
Description:
it seems that the tokenizer gets corrupt when an empty String ("" or '' value) is in the
query and it does not change the flag inQuotes properly, and if in the next value is the
'{' bracket it splits inside a value and throws Exception later on.

java.sql.SQLException: Not a valid escape sequence: { zna gdje se sakrio"),(2,"a","sedmi {
kontinentio"),(3,"a","a } cigov si ti?")
	at com.mysql.jdbc.EscapeProcessor.escapeSQL(EscapeProcessor.java:81)
	at com.mysql.jdbc.Statement.executeUpdate(Statement.java:1231)
	at com.mysql.jdbc.Statement.executeUpdate(Statement.java:1205)

How to repeat:
Here is an example query how to reproduce it:

String query = "replace into t1 (id, f1, f4) VALUES(1,\"\",\"tko { zna gdje se
sakrio\"),(2,\"a\",\"sedmi { kontinentio\"),(3,\"a\",\"a } cigov si ti?\")";

//replace into t1 (id, f1, f4) VALUES(1,"","tko { zna di se sakrio"),(2,"a","sedmi {
kontinentio"),(3,"a","a } cigov si ti?")

Suggested fix:
One workaround is to force the jdbc driver to skip escape processing by invoking
java.sql.Statement stmt = ...;
stmt.setEscapeProcessing(false);
(But if someone uses the {}@ syntax in app it could throw the Exception...)
[23 Jun 2005 10:41] Vasily Kishkin 
Tested on Win 2000 Sp4 , JDK 1.5, JDBC 3.1.8. Test case is attached.
[23 Jun 2005 10:42] Vasily Kishkin 
Test case

Attachment: test.java (text/java), 896 bytes.