File CVE-2024-9774.patch of Package python-python-sql.18716

# HG changeset patch
# User Cédric Krier <ced@b2ck.com>
# Date 1727126499 -7200
#      Mon Sep 23 23:21:39 2024 +0200
# Node ID f20551bbb8b3b4c4dd0a2c3d36f377bff6f2f349
# Parent  0073b9f9afb14604734d1a36dea7293fe1a84ce1
Use parameter for unary operator

Closes #93

Index: python_sql-1.5.1/sql/operators.py
===================================================================
--- python_sql-1.5.1.orig/sql/operators.py
+++ python_sql-1.5.1/sql/operators.py
@@ -121,7 +121,8 @@ class NaryOperator(list, Operator):
         return self
 
     def __str__(self):
-        return '(' + (' %s ' % self._operator).join(map(str, self)) + ')'
+        return '(' + (' %s ' % self._operator).join(
+            map(self._format, self)) + ')'
 
 
 class And(NaryOperator):
Index: python_sql-1.5.1/sql/tests/test_operators.py
===================================================================
--- python_sql-1.5.1.orig/sql/tests/test_operators.py
+++ python_sql-1.5.1/sql/tests/test_operators.py
@@ -25,6 +25,10 @@ class TestOperators(unittest.TestCase):
         self.assertEqual(str(and_), '(%s AND "c2")')
         self.assertEqual(and_.params, (True,))
 
+        and_ = And((Literal(True), 'foo'))
+        self.assertEqual(str(and_), '(%s AND %s)')
+        self.assertEqual(and_.params, (True, 'foo'))
+
     def test_operator_operators(self):
         and_ = And((Literal(True), self.table.c1))
         and2 = and_ & And((Literal(True), self.table.c2))
Places

File CVE-2024-9774.patch of Package python-python-sql.18716

Places
