Bug #6711 | mysql_real_escape_string performs no quoting on ucs2 | ||
---|---|---|---|
Submitted: | 19 Nov 2004 1:16 | Modified: | 7 May 2005 9:22 |
Reporter: | [ name withheld ] | Email Updates: | |
Status: | Won't fix | Impact on me: | |
Category: | MySQL Server | Severity: | S3 (Non-critical) |
Version: | 4.1.7 | OS: | N/A |
Assigned to: | CPU Architecture: | Any |
[19 Nov 2004 1:16]
[ name withheld ]
[29 Mar 2005 18:31]
MySQL Verification Team
Are you referring to the below piece of code ? ulong escape_string_for_mysql(CHARSET_INFO *charset_info, char *to, const char *from, ulong length) { <cut> { #ifdef USE_MB int l; if (use_mb_flag && (l= my_ismbchar(charset_info, from, end))) { while (l--) *to++= *from++; from--; continue; } /* If the next character appears to begin a multi-byte character, we escape that first byte of that apparent multi-byte character. (The character just looks like a multi-byte character -- if it were actually a multi-byte character, it would have been passed through in the test above.) Without this check, we can create a problem by converting an invalid multi-byte character into a valid one. For example, 0xbf27 is not a valid GBK character, but 0xbf5c is. (0x27 = ', 0x5c = \) */ if (use_mb_flag && (l= my_mbcharlen(charset_info, *from)) > 1) { *to++= '\\'; *to++= *from; continue; }
[1 Apr 2005 7:04]
[ name withheld ]
yes that code is the code which I think can cause issues.
[1 May 2005 23:00]
Bugs System
No feedback was provided for this bug for over a month, so it is being suspended automatically. If you are able to provide the information that was originally requested, please do so and change the status of the bug back to "Open".
[7 May 2005 9:22]
Hartmut Holzgraefe
This is not a problem as UCS2 is not supported as a client character set anyway