Fix invalid json escaping

[gbip]

This fixes #223.

@saosebastiao Could you report if this fixes your issue ?

[codecov]

Codecov Report

Merging #224 (d3b0a09) into master (aaae520) will decrease coverage by 0.06%.
The diff coverage is 66.66%.

❗ Current head d3b0a09 differs from pull request most recent head e78333e. Consider uploading reports for the commit e78333e to get more accurate results

@@            Coverage Diff             @@
##           master     #224      +/-   ##
==========================================
- Coverage   49.02%   48.96%   -0.07%     
==========================================
  Files          14       14              
  Lines        1638     1636       -2     
==========================================
- Hits          803      801       -2     
  Misses        835      835              

Impacted Files	Coverage Δ
src/function_source.rs	89.79% <66.66%> (-0.41%)	⬇️
src/utils.rs	66.66% <66.66%> (ø)

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update aaae520...e78333e. Read the comment docs.

[saosebastiao]

Yes, this works correctly for our specific function source.

It might be good to modify the public.function_source function in the test suite to test for json parseability.

IF (query_params->>'sample_param')::varchar IS NULL THEN
    RAISE EXCEPTION 'the `sample_param` json parameter does not exist in `query_params`';
END

Then a test case could be written that feeds it '{"sample_param":"hello world"}'::json. If the query_params is an actual parseable json object, it will not throw an exception.

[gbip]

I agree that adding a test case would be a good idea, however I have more urgent tasks right now.

[gbip]

Yes, this works correctly for our specific function source.

It might be good to modify the public.function_source function in the test suite to test for json parseability.

IF (query_params->>'sample_param')::varchar IS NULL THEN
    RAISE EXCEPTION 'the `sample_param` json parameter does not exist in `query_params`';
END

Then a test case could be written that feeds it '{"sample_param":"hello world"}'::json. If the query_params is an actual parseable json object, it will not throw an exception.

I have been investigating a way for us to have some kind of unit tests.
However I am lacking sql skills and I could not find a way to write a function that tests if sample_param is not null.
If you happen to have written I can try to integrate it into the test suite, otherwise my PR will be ready for review.

[stepankuzmin]

Hey @gbip,

Thanks a lot for the PR! Could you please allow edits from maintainers, so I can add tests for this case?

[gbip]

It is on :)

[stepankuzmin]

Awesome, merged! Thank you, @gbip

[frodrigo]

Since this fix a security issue, I suggest making a new release.