Skip to content

gh-153658: Fix sqlite3 iterdump() for table names containing a single quote#153659

Merged
erlend-aasland merged 2 commits into
python:mainfrom
tonghuaroot:iterdump-squote-name
Jul 14, 2026
Merged

gh-153658: Fix sqlite3 iterdump() for table names containing a single quote#153659
erlend-aasland merged 2 commits into
python:mainfrom
tonghuaroot:iterdump-squote-name

Conversation

@tonghuaroot

@tonghuaroot tonghuaroot commented Jul 13, 2026

Copy link
Copy Markdown
Contributor

sqlite3.Connection.iterdump() raised sqlite3.OperationalError for a table
or column name containing a single quote, because the generated INSERT
statement embeds the quoted identifier inside a single-quoted SQL string
literal without doubling the single quotes. The FROM clause uses the
identifier form as-is; only the string-literal copy needs escaping.

Doubling the single quotes in the string-literal copy makes the dump of a
table whose name contains ' well-formed again, and it round-trips through
executescript(). Names containing a double quote or a newline were already
handled and are unaffected.

@erlend-aasland erlend-aasland left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the report and the PR! Mostly looks good, but I have a nitpick regarding the inlined escaping.

Comment thread Lib/sqlite3/dump.py Outdated
@erlend-aasland erlend-aasland merged commit 2fc3c4d into python:main Jul 14, 2026
55 checks passed
@miss-islington-app

This comment was marked as outdated.

@bedevere-app

bedevere-app Bot commented Jul 14, 2026

Copy link
Copy Markdown

GH-153682 is a backport of this pull request to the 3.15 branch.

@bedevere-app bedevere-app Bot removed the needs backport to 3.15 pre-release feature fixes, bugs and security fixes label Jul 14, 2026
@bedevere-app

bedevere-app Bot commented Jul 14, 2026

Copy link
Copy Markdown

GH-153683 is a backport of this pull request to the 3.14 branch.

@bedevere-app bedevere-app Bot removed the needs backport to 3.14 bugs and security fixes label Jul 14, 2026
@bedevere-app

bedevere-app Bot commented Jul 14, 2026

Copy link
Copy Markdown

GH-153684 is a backport of this pull request to the 3.13 branch.

@bedevere-app bedevere-app Bot removed the needs backport to 3.13 bugs and security fixes label Jul 14, 2026
erlend-aasland pushed a commit that referenced this pull request Jul 14, 2026
… single quote (GH-153659) (#153684)

(cherry picked from commit 2fc3c4d)

Co-authored-by: tonghuaroot (童话) <tonghuaroot@gmail.com>
erlend-aasland pushed a commit that referenced this pull request Jul 14, 2026
… single quote (GH-153659) (#153683)

(cherry picked from commit 2fc3c4d)

Co-authored-by: tonghuaroot (童话) <tonghuaroot@gmail.com>
erlend-aasland pushed a commit that referenced this pull request Jul 14, 2026
… single quote (GH-153659) (#153682)

(cherry picked from commit 2fc3c4d)

Co-authored-by: tonghuaroot (童话) <tonghuaroot@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

sqlite3.Connection.iterdump() fails for a table name containing a single quote

2 participants