[CONJ-740] client-side failure to parse PreparedStatement with placeholders and escape characters Created: 2019-10-17  Updated: 2020-03-06  Resolved: 2020-03-06

Status: Closed
Project: MariaDB Connector/J
Component/s: configuration
Affects Version/s: 2.3.0
Fix Version/s: 2.4.0

Type: Bug Priority: Major
Reporter: Dave Schumann Assignee: Diego Dupin
Resolution: Duplicate Votes: 0
Labels: None

Attachments: Java Source File EmailInsert.java    
Issue Links:
Problem/Incident
is caused by CONJ-664 SQLException when backslash (\), whic... Closed

 Description   

We receive SQL syntax errors for valid INSERT statements that mix escape characters, quote characters, and placeholders (?). For example, given a table:

	  create table tmail(txt mediumtext);

The following will produce a syntax error, when executed as a PreparedStatement:

          insert into tmail(txt) values('some text \\''s more text ?');

Example code is attached.

We know there is client-side code to parse PreparedStatement SQL for purposes such as rolling multiple INSERTs together with UNION; our guess is that that code does not correctly parse this, and sends invalid SQL to the server.

 Comments   
Comment by Alexei Olkhovskii [ 2019-10-18 ]

The issue does not occur in the latest driver version

The fix commit likely was https://github.com/MariaDB/mariadb-connector-j/commit/013a3352082f97b7bc06bdef4c355a2c238a28ad#diff-3dbafe7ad6021b022d295910262aead4
for https://jira.mariadb.org/browse/CONJ-664 "SQLException when backslash (), which doesn't escape any character, is used together with setParameter()"

Comment by Diego Dupin [ 2020-03-06 ]

Closing since dupplicate of CONJ-664

Generated at Thu Feb 08 03:17:58 UTC 2024 using Jira 8.20.16#820016-sha1:9d11dbea5f4be3d4cc21f03a88dd11d8c8687422.