Resolve issue 333

boyter · May 2, 2024 · f06af57 · f06af57
1 parent bec29dc
commit f06af57
Show file tree

Hide file tree

Showing 4 changed files with 111 additions and 46 deletions.
diff --git a/SCC-OUTPUT-REPORT.html b/SCC-OUTPUT-REPORT.html
@@ -13,12 +13,12 @@
 	<tbody><tr>
 		<th>Go</th>
 		<th>30</th>
-		<th>9236</th>
-		<th>1446</th>
-		<th>448</th>
-		<th>7342</th>
-		<th>1504</th>
-		<th>392971</th>
+		<th>9259</th>
+		<th>1447</th>
+		<th>451</th>
+		<th>7361</th>
+		<th>1508</th>
+		<th>393512</th>
 		<th>0</th>
 	</tr><tr>
 		<th>Java</th>
@@ -62,13 +62,13 @@
 		<th>0</th>
 	</tr><tr>
 		<th>YAML</th>
-		<th>8</th>
-		<th>394</th>
+		<th>9</th>
+		<th>930</th>
 		<th>66</th>
-		<th>61</th>
-		<th>267</th>
+		<th>62</th>
+		<th>802</th>
 		<th>0</th>
-		<th>12132</th>
+		<th>19001</th>
 		<th>0</th>
 	</tr><tr>
 		<th>CSS</th>
@@ -103,12 +103,12 @@
 	</tr><tr>
 		<th>Shell</th>
 		<th>3</th>
-		<th>1158</th>
-		<th>154</th>
-		<th>92</th>
-		<th>912</th>
-		<th>104</th>
-		<th>41235</th>
+		<th>1168</th>
+		<th>155</th>
+		<th>93</th>
+		<th>920</th>
+		<th>105</th>
+		<th>41557</th>
 		<th>0</th>
 	</tr><tr>
 		<th>C#</th>
@@ -130,6 +130,26 @@
 		<th>0</th>
 		<th>268</th>
 		<th>0</th>
+	</tr><tr>
+		<th>HTML</th>
+		<th>2</th>
+		<th>1790</th>
+		<th>0</th>
+		<th>0</th>
+		<th>1790</th>
+		<th>0</th>
+		<th>25722</th>
+		<th>0</th>
+	</tr><tr>
+		<th>JSON</th>
+		<th>2</th>
+		<th>9043</th>
+		<th>0</th>
+		<th>0</th>
+		<th>9043</th>
+		<th>0</th>
+		<th>139862</th>
+		<th>0</th>
 	</tr><tr>
 		<th>JavaServer Pages</th>
 		<th>2</th>
@@ -290,6 +310,16 @@
 		<th>0</th>
 		<th>76</th>
 		<th>0</th>
+	</tr><tr>
+		<th>CSV</th>
+		<th>1</th>
+		<th>88</th>
+		<th>0</th>
+		<th>0</th>
+		<th>88</th>
+		<th>0</th>
+		<th>2718</th>
+		<th>0</th>
 	</tr><tr>
 		<th>Cairo</th>
 		<th>1</th>
@@ -510,16 +540,6 @@
 		<th>0</th>
 		<th>245</th>
 		<th>0</th>
-	</tr><tr>
-		<th>HTML</th>
-		<th>1</th>
-		<th>885</th>
-		<th>0</th>
-		<th>0</th>
-		<th>885</th>
-		<th>0</th>
-		<th>12720</th>
-		<th>0</th>
 	</tr><tr>
 		<th>Hare</th>
 		<th>1</th>
@@ -540,16 +560,6 @@
 		<th>0</th>
 		<th>226</th>
 		<th>0</th>
-	</tr><tr>
-		<th>JSON</th>
-		<th>1</th>
-		<th>9042</th>
-		<th>0</th>
-		<th>0</th>
-		<th>9042</th>
-		<th>0</th>
-		<th>126854</th>
-		<th>0</th>
 	</tr><tr>
 		<th>JSONC</th>
 		<th>1</th>
@@ -710,6 +720,16 @@
 		<th>0</th>
 		<th>0</th>
 		<th>0</th>
+	</tr><tr>
+		<th>SQL</th>
+		<th>1</th>
+		<th>215</th>
+		<th>0</th>
+		<th>0</th>
+		<th>215</th>
+		<th>0</th>
+		<th>25637</th>
+		<th>0</th>
 	</tr><tr>
 		<th>Sieve</th>
 		<th>1</th>
@@ -760,6 +780,16 @@
 		<th>0</th>
 		<th>167</th>
 		<th>0</th>
+	</tr><tr>
+		<th>TypeScript</th>
+		<th>1</th>
+		<th>1</th>
+		<th>0</th>
+		<th>0</th>
+		<th>1</th>
+		<th>0</th>
+		<th>21</th>
+		<th>0</th>
 	</tr><tr>
 		<th>TypeSpec</th>
 		<th>1</th>
@@ -873,13 +903,13 @@
 	</tr></tbody>
 	<tfoot><tr>
 		<th>Total</th>
-		<th>191</th>
-		<th>94045</th>
-		<th>4538</th>
-		<th>5940</th>
-		<th>83567</th>
-		<th>2890</th>
-    	<th>3140383</th>
+		<th>197</th>
+		<th>95824</th>
+		<th>4540</th>
+		<th>5945</th>
+		<th>85339</th>
+		<th>2895</th>
+    	<th>3202501</th>
 		<th>0</th>
 	</tr></tfoot>
 	</table></body></html>
diff --git a/examples/issue333/m'ain.ts b/examples/issue333/m'ain.ts
@@ -0,0 +1 @@
+some annoying file...
diff --git a/processor/formatters.go b/processor/formatters.go
@@ -647,7 +647,11 @@ func toSqlInsert(input chan *FileJob) string {
 		dir, _ := filepath.Split(res.Location)
 
 		str.WriteString(fmt.Sprintf("\ninsert into t values('%s', '%s', '%s', '%s', '%s', %d, %d, %d, %d, %d, %d);",
-			projectName, res.Language, res.Location, dir, res.Filename, res.Bytes, res.Blank, res.Comment, res.Code, res.Complexity, res.Uloc))
+			escapeSQLString(projectName),
+			escapeSQLString(res.Language),
+			escapeSQLString(res.Location),
+			escapeSQLString(dir),
+			escapeSQLString(res.Filename), res.Bytes, res.Blank, res.Comment, res.Code, res.Complexity, res.Uloc))
 
 		// every 1000 files commit and start a new transaction to avoid overloading
 		if count == 1000 {
@@ -667,6 +671,25 @@ func toSqlInsert(input chan *FileJob) string {
 	return str.String()
 }
 
+// attempt to manually escape everything that could be a problem
+func escapeSQLString(input string) string {
+	var buffer bytes.Buffer
+	for _, char := range input {
+		switch char {
+		case '\x00':
+			// Remove null characters
+			continue
+		case '\'':
+			// Escape single quote with another single quote
+			buffer.WriteRune('\'')
+			buffer.WriteRune('\'')
+		default:
+			buffer.WriteRune(char)
+		}
+	}
+	return buffer.String()
+}
+
 func toSql(input chan *FileJob) string {
 	var str strings.Builder
 

diff --git a/test-all.sh b/test-all.sh
@@ -904,7 +904,6 @@ else
     exit
 fi
 
-
 # Extra case for longer languages that are normally truncated
 for i in 'CloudFormation (YAM' 'CloudFormation (JSO'
 do
@@ -918,6 +917,17 @@ do
     fi
 done
 
+# Issue333
+if ./scc ./examples/issue333 --by-file -f sql | sqlite3 code.db; then
+  echo -e "${GREEN}PASSED sql escape check"
+else
+  echo -e "${RED}======================================================="
+  echo -e "FAILED sql escape check"
+  echo -e "=======================================================${NC}"
+exit
+fi
+
+
 echo -e  "${NC}Checking compile targets..."
 
 echo "   darwin..."
@@ -947,6 +957,7 @@ rm ./output.yaml
 rm ./output.html
 rm ./output.html2
 rm ./output.sql
+rm ./code.db
 
 
 echo -e "${GREEN}================================================="