Change ${quote_pgsql to quote ' as '' instead of \' because of a

security issue.

3 files changed, 14 insertions, 1 deletions

diff --git a/test/scripts/9200-PostgreSQL/9200 b/test/scripts/9200-PostgreSQL/9200
index 2fd81f5e4..c4440a89e 100644
--- a/test/scripts/9200-PostgreSQL/9200
+++ b/test/scripts/9200-PostgreSQL/9200
@@ -9,6 +9,7 @@ ${lookup pgsql {delete from them where id='nonexist';}}
 ${lookup pgsql {select * from them where id='quote2';}}
 ${lookup pgsql {select * from them where id='newline';}}
 ${lookup pgsql {select * from them where id='tab';}}
+${lookup pgsql {select * from them where name='${quote_pgsql:'stquot}';}}
 ****
 exim -d -bh 10.0.0.0
 mail from:<a@b>
diff --git a/test/stderr/9200 b/test/stderr/9200
index 1a004b30f..593ec4d9c 100644
--- a/test/stderr/9200
+++ b/test/stderr/9200
@@ -100,7 +100,18 @@ internal_search_find: file="NULL"
 database lookup required for select * from them where id='tab';
 PGSQL query: select * from them where id='tab';
 PGSQL using cached connection for localhost/test/CALLER
-lookup yielded: name="x x" id=tab 
+lookup yielded: name="x	x" id=tab 
+search_open: pgsql "NULL"
+  cached open
+search_find: file="NULL"
+  key="select * from them where name='''stquot';" partial=-1 affix=NULL starflags=0
+LRU list:
+internal_search_find: file="NULL"
+  type=pgsql key="select * from them where name='''stquot';"
+database lookup required for select * from them where name='''stquot';
+PGSQL query: select * from them where name='''stquot';
+PGSQL using cached connection for localhost/test/CALLER
+lookup yielded: name='stquot id=quote1 
 search_tidyup called
 close PGSQL connection: localhost/test/CALLER
 >>>>>>>>>>>>>>>> Exim pid=pppp terminating with rc=0 >>>>>>>>>>>>>>>>
diff --git a/test/stdout/9200 b/test/stdout/9200
index 833f670ce..4b97f9f71 100644
--- a/test/stdout/9200
+++ b/test/stdout/9200
@@ -8,6 +8,7 @@
 > name="before
 after" id=newline 
 > name="x	x" id=tab 
+> name='stquot id=quote1 
 > 
 
 **** SMTP testing session as if from host 10.0.0.0