Bug #11498 The com.mysql.jdbc.EscapeTokenizer class doesn't match " ans ' (value quotes)
Submitted: 22 Jun 2005 11:30 Modified: 18 Oct 2005 20:32
Reporter: F S Email Updates:
Status: Closed Impact on me:
Category:Connector / J Severity:S3 (Non-critical)
Version:ALL OS:Any (ANY)
Assigned to: Reggie Burnett CPU Architecture:Any

[22 Jun 2005 11:30] F S
it seems that the tokenizer gets corrupt when an empty String ("" or '' value) is in the query and it does not change the flag inQuotes properly, and if in the next value is the '{' bracket it splits inside a value and throws Exception later on.

java.sql.SQLException: Not a valid escape sequence: { zna gdje se sakrio"),(2,"a","sedmi { kontinentio"),(3,"a","a } cigov si ti?")
	at com.mysql.jdbc.EscapeProcessor.escapeSQL(EscapeProcessor.java:81)
	at com.mysql.jdbc.Statement.executeUpdate(Statement.java:1231)
	at com.mysql.jdbc.Statement.executeUpdate(Statement.java:1205)

How to repeat:
Here is an example query how to reproduce it:

String query = "replace into t1 (id, f1, f4) VALUES(1,\"\",\"tko { zna gdje se sakrio\"),(2,\"a\",\"sedmi { kontinentio\"),(3,\"a\",\"a } cigov si ti?\")";

//replace into t1 (id, f1, f4) VALUES(1,"","tko { zna di se sakrio"),(2,"a","sedmi { kontinentio"),(3,"a","a } cigov si ti?")

Suggested fix:
One workaround is to force the jdbc driver to skip escape processing by invoking
java.sql.Statement stmt = ...;
(But if someone uses the {}@ syntax in app it could throw the Exception...)
[23 Jun 2005 8:41] Vasily Kishkin
Tested on Win 2000 Sp4 , JDK 1.5, JDBC 3.1.8. Test case is attached.
[23 Jun 2005 8:42] Vasily Kishkin
Test case

Attachment: test.java (text/java), 896 bytes.