mirror of
https://github.com/inspec/inspec
synced 2024-11-27 15:10:44 +00:00
Merge pull request #4393 from dalee-bis/query-double-quote-escape-fix
Fixed MssqlSession.query not escaping double quote correctly
This commit is contained in:
commit
14e611b25a
1 changed files with 1 additions and 1 deletions
|
@ -53,7 +53,7 @@ module Inspec::Resources
|
|||
end
|
||||
|
||||
def query(q) # rubocop:disable Metrics/PerceivedComplexity
|
||||
escaped_query = q.gsub(/\\/, '\\\\').gsub(/"/, '\\"').gsub(/\$/, '\\$')
|
||||
escaped_query = q.gsub(/\\/, '\\\\').gsub(/"/, '""').gsub(/\$/, '\\$')
|
||||
# surpress 'x rows affected' in SQLCMD with 'set nocount on;'
|
||||
cmd_string = "sqlcmd -Q \"set nocount on; #{escaped_query}\" -W -w 1024 -s ','"
|
||||
cmd_string += " -U '#{@user}' -P '#{@password}'" unless @user.nil? || @password.nil?
|
||||
|
|
Loading…
Reference in a new issue