Commit 20addb05 authored by Ivo Roylev's avatar Ivo Roylev

Bug# 25998635: Client does not escape the USE statement

When there are quotes in the USE statement, the mysql client does
not correctly escape them.

The USE statement is processed line by line by the client's parser,
which cannot handle multi-line commands the way the server does.

The fix is to escape the USE parameters whenever quotes are used.
parent 3b562dcf
...@@ -3386,7 +3386,7 @@ print_table_data(MYSQL_RES *result) ...@@ -3386,7 +3386,7 @@ print_table_data(MYSQL_RES *result)
length=4; // Room for "NULL" length=4; // Room for "NULL"
if (opt_binhex && is_binary_field(field)) if (opt_binhex && is_binary_field(field))
length= 2 + length * 2; length= 2 + length * 2;
field->max_length=length; field->max_length=(ulong) length;
separator.fill(separator.length()+length+2,'-'); separator.fill(separator.length()+length+2,'-');
separator.append('+'); separator.append('+');
} }
...@@ -3453,7 +3453,7 @@ print_table_data(MYSQL_RES *result) ...@@ -3453,7 +3453,7 @@ print_table_data(MYSQL_RES *result)
many extra padding-characters we should send with the printing function. many extra padding-characters we should send with the printing function.
*/ */
visible_length= charset_info->cset->numcells(charset_info, buffer, buffer + data_length); visible_length= charset_info->cset->numcells(charset_info, buffer, buffer + data_length);
extra_padding= data_length - visible_length; extra_padding= (uint) (data_length - visible_length);
if (opt_binhex && is_binary_field(field)) if (opt_binhex && is_binary_field(field))
print_as_hex(PAGER, cur[off], lengths[off], field_max_length); print_as_hex(PAGER, cur[off], lengths[off], field_max_length);
...@@ -4232,10 +4232,9 @@ com_use(String *buffer __attribute__((unused)), char *line) ...@@ -4232,10 +4232,9 @@ com_use(String *buffer __attribute__((unused)), char *line)
bzero(buff, sizeof(buff)); bzero(buff, sizeof(buff));
/* /*
In case number of quotes exceed 2, we try to get In case of quotes used, try to get the normalized db name.
the normalized db name.
*/ */
if (get_quote_count(line) > 2) if (get_quote_count(line) > 0)
{ {
if (normalize_dbname(line, buff, sizeof(buff))) if (normalize_dbname(line, buff, sizeof(buff)))
return put_error(&mysql); return put_error(&mysql);
...@@ -4453,11 +4452,13 @@ char *get_arg(char *line, my_bool get_next_arg) ...@@ -4453,11 +4452,13 @@ char *get_arg(char *line, my_bool get_next_arg)
static int static int
get_quote_count(const char *line) get_quote_count(const char *line)
{ {
int quote_count; int quote_count= 0;
const char *ptr= line; const char *quote= line;
for(quote_count= 0; ptr ++ && *ptr; ptr= strpbrk(ptr, "\"\'`")) while ((quote= strpbrk(quote, "'`\"")) != NULL) {
quote_count ++; quote_count++;
quote++;
}
return quote_count; return quote_count;
} }
......
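Review bot: get_quote_count() at the end of this section is now the only gate deciding whether com_use() calls normalize_dbname(), yet nothing documents what it counts. It counts every quote byte regardless of pairing or escaping, and it hands `line` straight to strpbrk(), so a NULL `line` would be dereferenced. A header comment such as `/* Counts every single-quote, backtick and double-quote byte in line, paired or not; line must be non-NULL. */` would state that contract. The visible caller only tests `> 0`, so the count itself is no longer used and the comment could say so. normalize_dbname() and the rest of com_use() lie outside the hunks, so the escaping and the unquoted path cannot be checked from here; a regression test that issues USE with a database name containing each of the three quote characters would pin the fix.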