Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Sign up
Appearance settings

Commit 8608fb8

Browse files
authored
fix: do not concatenate an array if passed to escapeLiteral. (#3489)
1 parent 114a03e commit 8608fb8

File tree

2 files changed

+36
-17
lines changed

2 files changed

+36
-17
lines changed

‎packages/pg/lib/utils.js

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -176,6 +176,14 @@ const escapeLiteral = function (str) {
176176
let hasBackslash = false
177177
let escaped = "'"
178178

179+
if (str == null) {
180+
return "''"
181+
}
182+
183+
if (typeof str !== 'string') {
184+
return "''"
185+
}
186+
179187
for (let i = 0; i < str.length; i++) {
180188
const c = str[i]
181189
if (c === "'") {

‎packages/pg/test/unit/utils-tests.js

Lines changed: 28 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -232,35 +232,46 @@ test('prepareValue: can safely be used to map an array of values including those
232232
})
233233

234234
const testEscapeLiteral = function (testName, input, expected) {
235-
test(testName, function () {
235+
test(`escapeLiteral: ${testName}`, function () {
236236
const actual = utils.escapeLiteral(input)
237237
assert.equal(expected, actual)
238238
})
239239
}
240-
testEscapeLiteral('escapeLiteral: no special characters', 'hello world', "'hello world'")
241240

242-
testEscapeLiteral('escapeLiteral: contains double quotes only', 'hello " world', "'hello \" world'")
241+
testEscapeLiteral('no special characters', 'hello world', "'hello world'")
243242

244-
testEscapeLiteral('escapeLiteral: contains single quotes only', "hello ' world", "'hello '' world'")
243+
testEscapeLiteral('contains double quotes only', 'hello " world', "'hello \" world'")
245244

246-
testEscapeLiteral('escapeLiteral: contains backslashes only', 'hello \\ world', " E'hello \\\\ world'")
245+
testEscapeLiteral('contains single quotes only', "hello ' world", "'hello '' world'")
247246

248-
testEscapeLiteral('escapeLiteral: contains single quotes and double quotes', 'hello \' " world', "'hello '' \" world'")
247+
testEscapeLiteral('contains backslashes only', 'hello \\ world', " E'hello \\\\ world'")
249248

250-
testEscapeLiteral(
251-
'escapeLiteral: contains double quotes and backslashes',
252-
'hello \\ " world',
253-
" E'hello \\\\ \" world'"
254-
)
249+
testEscapeLiteral('contains single quotes and double quotes', 'hello \' " world', "'hello '' \" world'")
255250

256-
testEscapeLiteral(
257-
'escapeLiteral: contains single quotes and backslashes',
258-
"hello \\ ' world",
259-
" E'hello \\\\ '' world'"
260-
)
251+
testEscapeLiteral('date', new Date(), "''")
252+
253+
testEscapeLiteral('null', null, "''")
254+
255+
testEscapeLiteral('undefined', undefined, "''")
256+
257+
testEscapeLiteral('boolean', false, "''")
258+
259+
testEscapeLiteral('number', 1, "''")
260+
261+
testEscapeLiteral('number', 1, "''")
262+
263+
testEscapeLiteral('boolean', true, "''")
264+
265+
testEscapeLiteral('array', [1, 2, 3], "''")
266+
267+
testEscapeLiteral('object', { x: 42 }, "''")
268+
269+
testEscapeLiteral('contains double quotes and backslashes', 'hello \\ " world', " E'hello \\\\ \" world'")
270+
271+
testEscapeLiteral('contains single quotes and backslashes', "hello \\ ' world", " E'hello \\\\ '' world'")
261272

262273
testEscapeLiteral(
263-
'escapeLiteral: contains single quotes, double quotes, and backslashes',
274+
'contains single quotes, double quotes, and backslashes',
264275
'hello \\ \' " world',
265276
" E'hello \\\\ '' \" world'"
266277
)

0 commit comments

Comments
(0)

AltStyle によって変換されたページ (->オリジナル) /