Bug #13523 | Unexpected implementation of backslash escape sequences in quoted values | ||
---|---|---|---|
Submitted: | 27 Sep 2005 12:20 | Modified: | 14 Jun 2013 10:59 |
Reporter: | David Reeve | Email Updates: | |
Status: | Closed | Impact on me: | |
Category: | Connector / ODBC | Severity: | S3 (Non-critical) |
Version: | ODBC 3.51 Driver | OS: | Windows (Win XP) |
Assigned to: | Bogdan Degtyariov | CPU Architecture: | Any |
[27 Sep 2005 12:20]
David Reeve
[28 Sep 2005 8:00]
Vasily Kishkin
Could you please provide any rejected sql query ?
[28 Sep 2005 16:55]
David Reeve
Word document with sample SQL and ODBC driver error
Attachment: MySQL_ODBC_bug2.doc (application/octet-stream, text), 74.00 KiB.
[28 Oct 2005 23:00]
Bugs System
No feedback was provided for this bug for over a month, so it is being suspended automatically. If you are able to provide the information that was originally requested, please do so and change the status of the bug back to "Open".
[25 May 2006 21:11]
Peter Deacon
Also see Bug #400 which was *opened over three years ago*. This is a serious problem and needs to be fixed. The reason I believe it's critical to resolve is it leaves a host of sql injection vunerabilities open to RDBMS independent ODBC applications.
[29 May 2013 11:20]
Bogdan Degtyariov
needs re-checking
[14 Jun 2013 10:59]
Bogdan Degtyariov
The backslash escape is working correctly in the current versions of Connector/ODBC 5.2 and 5.1. Closing the bug report.