msi: Don't allow nested quotes in SQL queries.

2009-03-02 02:34:17 -08:00 · 2009-03-02 02:34:17 -08:00 · 7f3faffc3b
parent e821f9d724
commit 7f3faffc3b
2 changed files with 6 additions and 20 deletions
--- a/dlls/msi/tests/db.c
+++ b/dlls/msi/tests/db.c
@ -5257,10 +5257,7 @@ static void test_quotes(void)

    query = "INSERT INTO `Table` ( `A` ) VALUES ( 'This is a ''string'' ok' )";
    r = run_query(hdb, 0, query);
-    todo_wine
-    {
-        ok(r == ERROR_BAD_QUERY_SYNTAX, "Expected ERROR_BAD_QUERY_SYNTAX, got %d\n", r);
-    }
+    ok(r == ERROR_BAD_QUERY_SYNTAX, "Expected ERROR_BAD_QUERY_SYNTAX, got %d\n", r);

    query = "INSERT INTO `Table` ( `A` ) VALUES ( 'This is a '''string''' ok' )";
    r = run_query(hdb, 0, query);
@ -5287,19 +5284,13 @@ static void test_quotes(void)
    size = MAX_PATH;
    r = MsiRecordGetString(hrec, 1, buf, &size);
    ok(r == ERROR_SUCCESS, "Expected ERROR_SUCCESS, got %d\n", r);
-    todo_wine
-    {
-        ok(!lstrcmp(buf, "This is a \"string\" ok"),
-           "Expected \"This is a \"string\" ok\", got %s\n", buf);
-    }
+    ok(!lstrcmp(buf, "This is a \"string\" ok"),
+       "Expected \"This is a \"string\" ok\", got %s\n", buf);

    MsiCloseHandle(hrec);

    r = MsiViewFetch(hview, &hrec);
-    todo_wine
-    {
-        ok(r == ERROR_NO_MORE_ITEMS, "Expected ERROR_NO_MORE_ITEMS, got %d\n", r);
-    }
+    ok(r == ERROR_NO_MORE_ITEMS, "Expected ERROR_NO_MORE_ITEMS, got %d\n", r);

    MsiViewClose(hview);
    MsiCloseHandle(hview);
--- a/dlls/msi/tokenize.c
+++ b/dlls/msi/tokenize.c
@ -254,13 +254,8 @@ int sqliteGetToken(const WCHAR *z, int *tokenType){
    case '`': case '\'': {
      int delim = z[0];
      for(i=1; z[i]; i++){
-        if( z[i]==delim ){
-          if( z[i+1]==delim ){
-            i++;
-          }else{
-            break;
-          }
-        }
+        if( z[i]==delim )
+          break;
      }
      if( z[i] ) i++;
      if( delim == '`' )