From: Zdeněk Šustr <sustr4@cesnet.cz>
Date: Thu, 13 Mar 2008 12:52:25 +0000 (+0000)
Subject: Proper escaping of JDL-based values to be used in SQL searches.
X-Git-Tag: glite-yaim-lb_R_4_0_1_3~4
X-Git-Url: http://scientific.zcu.cz/git/?a=commitdiff_plain;h=6d17117b597f52703c106e8114a8fcfcacbb1c9a;p=jra1mw.git

Proper escaping of JDL-based values to be used in SQL searches.
---

diff --git a/org.glite.lb.server/src/index.c.T b/org.glite.lb.server/src/index.c.T
index 72246e3..8f72332 100644
--- a/org.glite.lb.server/src/index.c.T
+++ b/org.glite.lb.server/src/index.c.T
@@ -215,8 +215,7 @@ char *edg_wll_JDLStatToSQL(edg_wll_JobStat const *stat,edg_wll_QueryRec col_rec)
         }
 
 	if (extr_val) {
-		//XXX: To do this properly, it mayrequire some escaping
-		asprintf(&extr_val_apostrophed,"'%s'", extr_val);
+		trio_asprintf(&extr_val_apostrophed,"'%|Ss'", extr_val);
 		free(extr_val);
 	}