BUG#22906307: MySQLConverter.escape() does not work for dates

nmariz · nmariz · commit cd5b70bfd788 · 2022-11-04T19:03:58.000Z
The MySQLConverter.escape() raises an error when the value types are
datetime objects.

With this patch, MySQLConverter.escape() will not try to escape values
that are not bytes or str types.

Change-Id: Iba28a74ab81a5289c329cee285c57d35e571bcb5
diff --git a/CHANGES.txt b/CHANGES.txt
@@ -30,6 +30,7 @@ v8.0.32
 - BUG#24364556: Improve warning behavior
 - BUG#23342572: Allow dictionaries as parameters in prepared statements
 - BUG#23339387: Add MySQLCursorPreparedDict option
+- BUG#22906307: MySQLConverter.escape() does not work for dates
 
 v8.0.31
 =======
diff --git a/lib/mysql/connector/conversion.py b/lib/mysql/connector/conversion.py
@@ -41,7 +41,6 @@
 from .custom_types import HexLiteral
 from .types import (
     DescriptionType,
-    EscapeSupportedTypes,
     RowType,
     StrOrBytes,
     ToMysqlInputTypes,
@@ -170,27 +169,23 @@ def __init__(
         ] = {}
 
     @staticmethod
-    def escape(value: EscapeSupportedTypes) -> EscapeSupportedTypes:
+    def escape(value: Any) -> Any:
         """
         Escapes special characters as they are expected to by when MySQL
         receives them.
         As found in MySQL source mysys/charset.c
 
         Returns the value if not a string, or the escaped string.
         """
-        if value is None:
-            return value
-        if isinstance(value, NUMERIC_TYPES):
-            return value
         if isinstance(value, (bytes, bytearray)):
             value = value.replace(b"\\", b"\\\\")
             value = value.replace(b"\n", b"\\n")
             value = value.replace(b"\r", b"\\r")
             value = value.replace(b"\047", b"\134\047")  # single quotes
             value = value.replace(b"\042", b"\134\042")  # double quotes
             value = value.replace(b"\032", b"\134\032")  # for Win32
-        else:
-            value = value.replace("\\", "\\\\")  # type: ignore[union-attr]
+        elif isinstance(value, str) and not isinstance(value, HexLiteral):
+            value = value.replace("\\", "\\\\")
             value = value.replace("\n", "\\n")
             value = value.replace("\r", "\\r")
             value = value.replace("\047", "\134\047")  # single quotes
diff --git a/lib/mysql/connector/django/schema.py b/lib/mysql/connector/django/schema.py
@@ -35,18 +35,13 @@
     DatabaseSchemaEditor as MySQLDatabaseSchemaEditor,
 )
 
-from mysql.connector.types import EscapeSupportedTypes
-
 
 class DatabaseSchemaEditor(MySQLDatabaseSchemaEditor):
     """This class is responsible for emitting schema-changing statements to the
     databases.
     """
 
-    def quote_value(
-        self,
-        value: EscapeSupportedTypes,
-    ) -> EscapeSupportedTypes:
+    def quote_value(self, value: Any) -> Any:
         """Quote value."""
         self.connection.ensure_connection()
         if isinstance(value, str):
diff --git a/lib/mysql/connector/types.py b/lib/mysql/connector/types.py
@@ -55,7 +55,6 @@
     ]
 ]
 ToMysqlOutputTypes = Optional[Union[int, float, bytes, "HexLiteral"]]
-EscapeSupportedTypes = Optional[Union[int, float, Decimal, "HexLiteral", StrOrBytes]]
 
 
 """ Network """
diff --git a/tests/test_conversion.py b/tests/test_conversion.py
@@ -189,6 +189,10 @@ def test_escape(self):
             int(1281288),  # should stay the same
             float(3.14),  # should stay the same
             Decimal("3.14"),  # should stay a Decimal
+            datetime.date(2022, 11, 7),
+            datetime.timedelta(hours=35, minutes=34, seconds=10),
+            datetime.datetime(2022, 11, 4, 9, 11, 0),
+            time.strptime("30 Nov 2022", "%d %b %Y"),
             r"back\slash",
             "newline\n",
             "return\r",
@@ -202,6 +206,10 @@ def test_escape(self):
             1281288,
             float(3.14),
             Decimal("3.14"),
+            datetime.date(2022, 11, 7),
+            datetime.timedelta(hours=35, minutes=34, seconds=10),
+            datetime.datetime(2022, 11, 4, 9, 11, 0),
+            time.strptime("30 Nov 2022", "%d %b %Y"),
             "back\\\\slash",
             "newline\\n",
             "return\\r",

Original file line number	Diff line number	Diff line change
`@@ -55,7 +55,6 @@`
`55`	`55`	`]`
`56`	`56`	`]`
`57`	`57`	`ToMysqlOutputTypes = Optional[Union[int, float, bytes, "HexLiteral"]]`
`58`		`-EscapeSupportedTypes = Optional[Union[int, float, Decimal, "HexLiteral", StrOrBytes]]`
`59`	`58`
`60`	`59`
`61`	`60`	`""" Network """`