Fix issues with apostrophe being passed in table name + Improvements in SQLServerParameterMetadata

src/main/java/com/microsoft/sqlserver/jdbc/SQLServerBulkCopy.java

@@ -1728,8 +1728,8 @@ private void getDestinationMetadata() throws SQLServerException {
                         ResultSet.CONCUR_READ_ONLY, connection.getHoldability(), stmtColumnEncriptionSetting);
 
                 // Get destination metadata
-                rs = stmt.executeQueryInternal(
-                        "sp_executesql N'SET FMTONLY ON SELECT * FROM " + destinationTableName + " '");
+                rs = stmt.executeQueryInternal("sp_executesql N'SET FMTONLY ON SELECT * FROM "
+                        + Util.escapeSingleQuotes(destinationTableName) + " '");
             }
 
             destColumnCount = rs.getMetaData().getColumnCount();
@@ -1740,11 +1740,11 @@ private void getDestinationMetadata() throws SQLServerException {
                 // SQL server prior to 2016 does not support encryption_type
                 rsMoreMetaData = ((SQLServerStatement) connection.createStatement())
                         .executeQueryInternal("select collation_name from sys.columns where " + "object_id=OBJECT_ID('"
-                                + destinationTableName + "') " + "order by column_id ASC");
+                                + Util.escapeSingleQuotes(destinationTableName) + "') " + "order by column_id ASC");
             } else {
-                rsMoreMetaData = ((SQLServerStatement) connection.createStatement())
-                        .executeQueryInternal("select collation_name, encryption_type from sys.columns where "
-                                + "object_id=OBJECT_ID('" + destinationTableName + "') " + "order by column_id ASC");
+                rsMoreMetaData = ((SQLServerStatement) connection.createStatement()).executeQueryInternal(
+                        "select collation_name, encryption_type from sys.columns where " + "object_id=OBJECT_ID('"
+                                + Util.escapeSingleQuotes(destinationTableName) + "') " + "order by column_id ASC");
             }
             for (int i = 1; i <= destColumnCount; ++i) {
                 if (rsMoreMetaData.next()) {

src/main/java/com/microsoft/sqlserver/jdbc/SQLServerPreparedStatement.java

@@ -1970,8 +1970,9 @@ public int[] executeBatch() throws SQLServerException, BatchUpdateException, SQL
                 try (SQLServerStatement stmt = (SQLServerStatement) connection.createStatement(
                         ResultSet.TYPE_FORWARD_ONLY, ResultSet.CONCUR_READ_ONLY, connection.getHoldability(),
                         stmtColumnEncriptionSetting);
-                        SQLServerResultSet rs = stmt.executeQueryInternal(
-                                "sp_executesql N'SET FMTONLY ON SELECT * FROM " + tableName + " '");) {
+                        SQLServerResultSet rs = stmt
+                                .executeQueryInternal("sp_executesql N'SET FMTONLY ON SELECT * FROM "
+                                        + Util.escapeSingleQuotes(tableName) + " '");) {
                     if (null != columnList && columnList.size() > 0) {
                         if (columnList.size() != valueList.size()) {
                             throw new IllegalArgumentException(
@@ -2123,8 +2124,9 @@ public long[] executeLargeBatch() throws SQLServerException, BatchUpdateExceptio
                 try (SQLServerStatement stmt = (SQLServerStatement) connection.createStatement(
                         ResultSet.TYPE_FORWARD_ONLY, ResultSet.CONCUR_READ_ONLY, connection.getHoldability(),
                         stmtColumnEncriptionSetting);
-                        SQLServerResultSet rs = stmt.executeQueryInternal(
-                                "sp_executesql N'SET FMTONLY ON SELECT * FROM " + tableName + " '");) {
+                        SQLServerResultSet rs = stmt
+                                .executeQueryInternal("sp_executesql N'SET FMTONLY ON SELECT * FROM "
+                                        + Util.escapeSingleQuotes(tableName) + " '");) {
                     if (null != columnList && columnList.size() > 0) {
                         if (columnList.size() != valueList.size()) {
                             throw new IllegalArgumentException(

src/main/java/com/microsoft/sqlserver/jdbc/Util.java

@@ -981,6 +981,17 @@ static synchronized boolean checkIfNeedNewAccessToken(SQLServerConnection connec
     static boolean use43Wrapper() {
         return use43Wrapper;
     }
+
+    /**
+     * Escapes single quotes (') in object name to convert and pass it as String safely.
+     * 
+     * @param name
+     *        Object name to be passed as String
+     * @return Converted object name
+     */
+    static String escapeSingleQuotes(String name) {
+        return name.replace("'", "''");
+    }
 }