mail/dspam: fix with sqlite3 with DQS option enabled

Use single quotes for strings in SQL statements to avoid them failing. PR: 279418 Approved by: portmgr (build fix blanket) MFH: 2024Q4
2025-04-28 09:36:41 -04:00 · 2024-11-30 12:04:15 +01:00 · 2024-11-30 12:04:15 +01:00 · 9655fa3e95
commit 9655fa3e95
parent 69240ce2a1
2 changed files with 39 additions and 1 deletions
--- a/mail/dspam/Makefile
+++ b/mail/dspam/Makefile
@ -4,7 +4,7 @@

 PORTNAME=	dspam
 PORTVERSION=	3.10.2
-PORTREVISION=	10
+PORTREVISION=	11
 CATEGORIES=	mail
 MASTER_SITES=	SF/${PORTNAME}/${PORTNAME}/${PORTNAME}-${PORTVERSION}

--- a/mail/dspam/files/patch-src_sqlite3__drv.c
+++ b/mail/dspam/files/patch-src_sqlite3__drv.c
@ -0,0 +1,38 @@
+--- src/sqlite3_drv.c.orig	2024-06-01 03:59:05 UTC
+++ src/sqlite3_drv.c
+@@ -918,7 +918,7 @@ _ds_get_signature (DSPAM_CTX * CTX, struct _ds_spam_si
+   }
+ 
+   snprintf (query, sizeof (query),
+-            "SELECT data FROM dspam_signature_data WHERE signature=\"%s\"",
+            "SELECT data FROM dspam_signature_data WHERE signature='%s'",
+             signature);
+ 
+   if ((sqlite3_prepare(s->dbh, query, -1, &stmt, &query_tail))
+@@ -967,7 +967,7 @@ _ds_set_signature (DSPAM_CTX * CTX, struct _ds_spam_si
+ 
+   snprintf (scratch, sizeof (scratch),
+             "INSERT INTO dspam_signature_data (signature,created_on,data)"
+-            " VALUES (\"%s\",date('now'),?)", signature);
+            " VALUES ('%s',date('now'),?)", signature);
+ 
+   if ((sqlite3_prepare(s->dbh, scratch, -1, &stmt, &query_tail))!=SQLITE_OK)
+   {
+@@ -1001,7 +1001,7 @@ _ds_delete_signature (DSPAM_CTX * CTX, const char *sig
+   }
+ 
+   snprintf (query, sizeof (query),
+-            "DELETE FROM dspam_signature_data WHERE signature=\"%s\"",
+            "DELETE FROM dspam_signature_data WHERE signature='%s'",
+              signature);
+ 
+   if ((sqlite3_exec(s->dbh, query, NULL, NULL, &err))!=SQLITE_OK)
+@@ -1028,7 +1028,7 @@ _ds_verify_signature (DSPAM_CTX * CTX, const char *sig
+   }
+ 
+   snprintf (query, sizeof (query),
+-        "SELECT signature FROM dspam_signature_data WHERE signature=\"%s\"",
+        "SELECT signature FROM dspam_signature_data WHERE signature='%s'",
+         signature);
+ 
+   if ((sqlite3_get_table(s->dbh, query, &row, &nrow, &ncolumn, &err))!=SQLITE_OK)  {