[OSSTEST,v2,04/41] SQL: Fix incorrect LIKE pattern syntax (program variables)
diff mbox series

Message ID 20200731113820.5765-5-ian.jackson@eu.citrix.com
State New
Headers show
Series
  • Performance work
Related show

Commit Message

Ian Jackson July 31, 2020, 11:37 a.m. UTC
In two places the pattern for LIKE is constructed programmatically.
In this case, too, we need to escape % and _.

We pass the actual pattern (or pattern fragment) via ?, so we do not
need to worry about '.

Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
---
New in v2.
---
 Osstest.pm                 | 8 +++++++-
 Osstest/JobDB/Executive.pm | 2 +-
 sg-report-host-history     | 3 ++-
 3 files changed, 10 insertions(+), 3 deletions(-)

Patch
diff mbox series

diff --git a/Osstest.pm b/Osstest.pm
index 63dddd95..b2b6b741 100644
--- a/Osstest.pm
+++ b/Osstest.pm
@@ -39,7 +39,7 @@  BEGIN {
                       main_revision_job_cond other_revision_job_suffix
                       $dbh_tests db_retry db_retry_retry db_retry_abort
 		      db_readonly_report
-                      db_begin_work db_prepare
+                      db_begin_work db_prepare db_quote_like_pattern
                       get_harness_rev blessing_must_not_modify_host
                       ensuredir get_filecontents_core_quiet system_checked
                       nonempty visible_undef show_abs_time
@@ -358,6 +358,12 @@  sub postfork () {
     $mjobdb->jobdb_postfork();
 }
 
+sub db_quote_like_pattern ($) {
+    local ($_) = @_;
+    s{[_%\\]}{\\$&}g;
+    $_;
+}
+
 #---------- script entrypoints ----------
 
 sub csreadconfig () {
diff --git a/Osstest/JobDB/Executive.pm b/Osstest/JobDB/Executive.pm
index be5588fc..39deb8a2 100644
--- a/Osstest/JobDB/Executive.pm
+++ b/Osstest/JobDB/Executive.pm
@@ -143,7 +143,7 @@  sub _check_testdbs ($) {
 	      AND live
 	      AND username LIKE (? || '@%')
 END
-    $sth->execute($c{Username});
+    $sth->execute(db_quote_like_pattern($c{Username}));
     my $allok = 1;
     while (my $row = $sth->fetchrow_hashref()) {
 	next if $row->{dbname} =~ m/^$re$/o;
diff --git a/sg-report-host-history b/sg-report-host-history
index 7505b18b..9730ae7a 100755
--- a/sg-report-host-history
+++ b/sg-report-host-history
@@ -380,7 +380,8 @@  END
 	    $runvarq_hits++;
 	} else {
 	    $runvarq_misses++;
-	    $jrunvarq->execute($jr->{flight}, $jr->{job}, $ident);
+	    $jrunvarq->execute($jr->{flight}, $jr->{job},
+			       db_quote_like_pattern($ident));
 	    my %runvars;
 	    while (my ($n, $v) = $jrunvarq->fetchrow_array()) {
 		$runvars{$n} = $v;