cloud-fan commented on code in PR #56506: URL: https://github.com/apache/spark/pull/56506#discussion_r3410601785
########## sql/core/src/main/scala/org/apache/spark/sql/jdbc/MySQLDialect.scala: ########## @@ -266,7 +266,7 @@ private case class MySQLDialect() extends JdbcDialect with SQLConfHelper with No // See https://dev.mysql.com/doc/refman/8.0/en/alter-table.html override def getTableCommentQuery(table: String, comment: String): String = { - s"ALTER TABLE $table COMMENT = '$comment'" + s"ALTER TABLE $table COMMENT = '${escapeSql(comment)}'" Review Comment: Non-blocking, out of scope — just flagging for completeness: `escapeSql` doubles `'` but doesn't escape `\`. MySQL treats backslash as an escape character by default (`NO_BACKSLASH_ESCAPES` unset), so a comment containing a backslash can still be mangled (or break the statement if trailing) here. This is pre-existing and shared with `compileValue`'s MySQL string-predicate handling, and this PR is a strict improvement for the single-quote case, so nothing to change here. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
