Test if inserted data is correctly retrieved after being escaped

Author: arvenil

Diff for: driver_test.go

@@ -1563,7 +1563,7 @@ func TestSqlInjection(t *testing.T) {
 			} else if err == nil {
 				dbt.Errorf("Sql injection successful with arg: %s", arg)
 			} else {
-				dbt.Errorf("Error running query with arg: %s; err: %s", err.Error())
+				dbt.Errorf("Error running query with arg: %s; err: %s", arg, err.Error())
 			}
 		}
 	}
@@ -1577,3 +1577,32 @@ func TestSqlInjection(t *testing.T) {
 		runTests(t, testdsn, createTest("' OR '1'='1"))
 	}
 }
+
+// Test if inserted data is correctly retrieved after being escaped
+func TestInsertRetrieveEscapedData(t *testing.T) {
+	testData := func(dbt *DBTest) {
+		dbt.mustExec("CREATE TABLE test (v VARCHAR(255))")
+
+		// All sequences that are escaped by EscapeQuotes and EscapeString
+		v := "foo \x00\n\r\x1a\"'\\"
+		dbt.mustExec("INSERT INTO test VALUES (?)", v)
+
+		var out string
+		err := dbt.db.QueryRow("SELECT v FROM test").Scan(&out)
+		if err != nil {
+			dbt.Fatalf("%s", err.Error())
+		}
+
+		if out != v {
+			dbt.Errorf("%q != %q", out, v)
+		}
+	}
+
+	dsns := []string{
+		dsn,
+		dsn + "&sql_mode=NO_BACKSLASH_ESCAPES",
+	}
+	for _, testdsn := range dsns {
+		runTests(t, testdsn, testData)
+	}
+}