Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SNOW-1619625: Insufficient character unescaping #1868

Open
bauer-at-work opened this issue Aug 9, 2024 · 1 comment
Open

SNOW-1619625: Insufficient character unescaping #1868

bauer-at-work opened this issue Aug 9, 2024 · 1 comment
Assignees
@sfc-gh-jszczerbinski
Labels
bug status-triage_done Initial triage done, will be further handled by the driver team

Comments

@bauer-at-work
Copy link

  1. What version of JDBC driver are you using?
    latest from git

  2. What operating system and processor architecture are you using?
    Fedora 40, amd64

  3. What version of Java are you using?
    OpenJDK 64-Bit Server VM (Red_Hat-21.0.4.0.7-2) (build 21.0.4+7, mixed mode, sharing)

  4. What did you do?

    Properties properties = new Properties();
properties.put("db", "DEV");
properties.put("schema", "\\\\_ESCAPED\\\\_UNDERSCORE");
properties.put("CLIENT_METADATA_REQUEST_USE_CONNECTION_CTX", "TRUE");

...

connection.getMetaData().getSchemas(); // Returns a line for the precise schema
connection.getMetaData().getTables(null, null, null, null); // Query fails

    Snowflake Query Monitor reveals the following queries being executed:

    show /* JDBC:DatabaseMetaData.getSchemas() */ schemas like 'ESCAPED\\_UNDERSCORE' in database "DEV";
show /* JDBC:DatabaseMetaData.getTables() */ objects in schema "DEV"."ESCAPED\_UNDERSCORE";

  5. What did you expect to see?

    The first SQL statement is expected and correct. Two backslashes are required for the sequence to be interpreted as an escaping of the underscore character.

    The second SQL statement is unexpected. Now that that metadata call results not in a LIKE operation but in a statement expecting a valid schema name, both backslash characters should have been 'unescaped'.

    The problem can be traced back to SnowflakeDatabaseMetaData::unescapeChars(...).
    The function is only removing one of the two backslahes.

  6. Fix

    I had success with switching the order of statements as follows:

    private String unescapeChars(String escapedString) {
  String unescapedString = escapedString.replace("\\\\", "\\");
  unescapedString = unescapedString.replace("\\_", "_");
  unescapedString = unescapedString.replace("\\%", "%");
  unescapedString = escapeSqlQuotes(unescapedString);
  return unescapedString;
}

    However, I might be missing other edge cases now.
@github-actions github-actions bot changed the title Insufficient character unescaping SNOW-1619625: Insufficient character unescaping Aug 9, 2024
@bauer-at-work
Copy link
Author

also, THERE SHOULD BE A TEST CASE FOR unescapeChars!

@sfc-gh-jszczerbinski sfc-gh-jszczerbinski self-assigned this Aug 21, 2024
@sfc-gh-dszmolka sfc-gh-dszmolka added the status-triage_done Initial triage done, will be further handled by the driver team label Sep 12, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@sfc-gh-jszczerbinski sfc-gh-jszczerbinski

Labels
bug status-triage_done Initial triage done, will be further handled by the driver team
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@sfc-gh-dszmolka @bauer-at-work @sfc-gh-jszczerbinski