> Oops. How about:
>
> foo'; DROP TABLE t1; -- foo
>
> The last ' gets removed, leaving -- (81a2).
>
> So you get:
> select ... '(0x81a2)'; DROP TABLE t1; -- (0x81a2)
This surely works:-< Ok, you gave me an enough example that shows even
7.1.x and 7.0.x are not safe.
Included are patches for 7.1.3. Patches for 7.0.3 and 6.5.3 will be
posted soon.