Modify

Ticket #1143 (closed defect: duplicate)

Opened 21 months ago

Last modified 21 months ago

Default value is not properly escaped in sqlite3 backend.

Reported by: ryusungho@… Owned by: andrew
Priority: major Milestone:
Component: databaseapi Version: 0.7.5
Keywords: Cc:

Description

In south.db.sqlite3.DatabaseOperations:79, column_info['dflt_value'] is not properly escaped.

if column_info['dflt_value'] is not None:
    type += " DEFAULT " + column_info['dflt_value']

I think the value should be escaped properly, depending on the type of column_info['dflt_value']:

if column_info['dflt_value'] is not None:
    if isinstance(column_info['dflt_value'], (str, unicode)):
        type += " DEFAULT '%s'" % sqlite3_specific_str_escape(column_info['dflt_value'])
    else : # more type checks if necessary
        type += " DEFAULT " + str(column_info['dflt_value'])

I was able to reproduce this error when migrating django-celery===3.0.1, where default values of some columns were int.

Attachments

Change History

comment:1 Changed 21 months ago by andrew

  • Status changed from new to closed
  • Resolution set to duplicate

Duplicate of #1116.

View

Add a comment

Modify Ticket

Action
as closed
The resolution will be deleted. Next status will be 'reopened'
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.