Context Navigation

← Previous Ticket
Next Ticket →

Modify ↓

Ticket #1143 (closed defect: duplicate)

Last modified 11 months ago

Default value is not properly escaped in sqlite3 backend.

Reported by:	ryusungho@…	Owned by:	andrew
Priority:	major	Milestone:
Component:	databaseapi	Version:	0.7.5
Keywords:		Cc:

Description

In south.db.sqlite3.DatabaseOperations:79, column_info['dflt_value'] is not properly escaped.

if column_info['dflt_value'] is not None:
    type += " DEFAULT " + column_info['dflt_value']

I think the value should be escaped properly, depending on the type of column_info['dflt_value']:

if column_info['dflt_value'] is not None:
    if isinstance(column_info['dflt_value'], (str, unicode)):
        type += " DEFAULT '%s'" % sqlite3_specific_str_escape(column_info['dflt_value'])
    else : # more type checks if necessary
        type += " DEFAULT " + str(column_info['dflt_value'])

I was able to reproduce this error when migrating django-celery===3.0.1, where default values of some columns were int.

Attachments

Change History

comment:1 Changed 11 months ago by andrew

Status changed from new to closed
Resolution set to duplicate

Duplicate of #1116.

View ↑

Add a comment

You may use WikiFormatting here.

Modify Ticket

Action

leave as closed

reopen The resolution will be deleted. Next status will be 'reopened'

Author

Your email or username:

E-mail address and user name can be saved in the Preferences.

Attachments ↑

Note: See TracTickets for help on using tickets.

Download in other formats: