[
https://issues.apache.org/jira/browse/DERBY-3682?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Knut Anders Hatlen updated DERBY-3682:
--------------------------------------
Attachment: d3682.diff
The attached patch fixes the missing escaping of identifiers and literals. I
also modified VTITest so that it runs the bulk insert test with a table whose
name contains " and '.
Ideally, the SYSCS_BULK_INSERT procedure should have used question marks and
setString() instead of manually escaped string literals in the SQL text it
built, but the parameters to the Warehouse VTI used in VTITest are required at
compile time, and the test therefore failed if the statement was parametrized.
I have started the regression tests.
> SYSCS_BULK_INSERT doesn't quote identifiers or strings properly
> ---------------------------------------------------------------
>
> Key: DERBY-3682
> URL: https://issues.apache.org/jira/browse/DERBY-3682
> Project: Derby
> Issue Type: Bug
> Components: SQL
> Affects Versions: 10.4.1.3
> Reporter: Knut Anders Hatlen
> Assignee: Knut Anders Hatlen
> Priority: Minor
> Attachments: d3682.diff
>
>
> Discovered by Mamta A. Satoor in DERBY-1062.
> SYSCS_BULK_INSERT builds an insert statement in which it doesn't quote the
> schema name or the table name. It also takes string parameters that are
> inserted into the statement text with single quotes around them, but that
> won't work if those strings contain single quote characters.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
