Bug #25399 JDBC escape sequence processing does not properly handle escaped characters
Submitted: 3 Jan 2007 23:14 Modified: 22 Feb 2007 11:21
Reporter: Alan Snyder Email Updates:
Status: Closed Impact on me:
None 
Category:Connector / J Severity:S2 (Serious)
Version:5.0.4 OS:
Assigned to: CPU Architecture:Any

[3 Jan 2007 23:14] Alan Snyder
Description:
When JDBC is given a string literal that contains an open brace that follows an escaped backslash and an escaped single quote, the open brace is incorrectly processed as an escape code.

How to repeat:
Here is test code:

package com.cbfiddle.test;

import java.sql.*;

import com.mysql.jdbc.util.BaseBugReport;

public class TestMySQLBug1
	extends BaseBugReport
{
	public void setUp()
		throws SQLException
	{
		Connection c = getConnection();
		Statement stmt = c.createStatement(ResultSet.TYPE_SCROLL_SENSITIVE, ResultSet.CONCUR_UPDATABLE);
		stmt.executeUpdate("CREATE TABLE TESTBUG (DATA MEDIUMTEXT)");
		stmt.executeUpdate("INSERT INTO TESTBUG SET DATA = 'abc'");
	}

	public void tearDown()
		throws SQLException
	{
		Connection c = getConnection();
		Statement stmt = c.createStatement(ResultSet.TYPE_SCROLL_SENSITIVE, ResultSet.CONCUR_UPDATABLE);
		stmt.executeUpdate("DROP TABLE TESTBUG");
	}

	public void runTest()
		throws SQLException
	{
		Connection c = getConnection();
		Statement stmt = c.createStatement(ResultSet.TYPE_SCROLL_SENSITIVE, ResultSet.CONCUR_UPDATABLE);

		// stmt.setEscapeProcessing(false); // a workaround

		stmt.executeUpdate("UPDATE TESTBUG SET DATA = '\\\\\\' {d}'");

		// This should create a string value whose characters are:
		// backslash, single-quote, space, open-brace, d, close-brace

		// The above statement gets the error: Syntax error for DATE escape sequence '{d}'

		ResultSet rs = stmt.executeQuery("SELECT DATA FROM TESTBUG");
		while (rs.next()) {
			String s = rs.getString(1);
			System.err.println("Result: " + s);
		}
	}

	public static void main(String[] args)
		throws Exception
	{ 
		new TestMySQLBug1().run(); 
	} 
}
[10 Jan 2007 22:49] Bugs System
A patch for this bug has been committed. After review, it may
be pushed to the relevant source trees for release in the next
version. You can access the patch from:

  http://lists.mysql.com/commits/17895
[22 Feb 2007 11:21] MC Brown
A note has been added to the 5.0.5 changelog.