Uploaded image for project: 'Derby'
  1. Derby
  2. DERBY-5157

Incomplete quoting of SQL identifiers in AlterTableConstantAction

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 10.7.1.1
    • 10.8.1.2
    • SQL
    • None
    • Repro attached

    Description

      AlterTableConstantAction generates SQL statements various places. Identifiers (schema names, table names, column names) are surrounded with double quotes in case they contain special characters. This is not enough if the identifiers contain double quotes, as can be seen with this example:

      ij> create table t(x int);
      0 rows inserted/updated/deleted
      ij> alter table t add column """" int default 42;
      ERROR 42X01: Syntax error: Encountered "\"" at line 1, column 22.

      I've found three places where AlterTableConstantAction generates SQL statements: updateNewColumnToDefault(), updateNewAutoincrementColumn(), getColumnMax(). All three places suffer from this problem.

      Attachments

        1. derby-5157-1a.diff
          4 kB
          Knut Anders Hatlen

        Issue Links

          Activity

            People

              knutanders Knut Anders Hatlen
              knutanders Knut Anders Hatlen
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: