From 046b66ff4bd23430e37ef574d62a2003965a3807 Mon Sep 17 00:00:00 2001
From: Scott Sandler <ssandler@slack-corp.com>
Date: Tue, 18 Aug 2020 16:39:14 -0700
Subject: [PATCH] add failing test (#50)

* fix parsing for strings ending in \'

* Update InsertQueryTest.php
---
 src/Parser/Lexer.php      |  3 ++-
 tests/InsertQueryTest.php | 20 ++++++++++++++++++--
 2 files changed, 20 insertions(+), 3 deletions(-)

diff --git a/src/Parser/Lexer.php b/src/Parser/Lexer.php
index e75f47a..6e89b8a 100644
--- a/src/Parser/Lexer.php
+++ b/src/Parser/Lexer.php
@@ -82,7 +82,8 @@ private function groupComments(dict<int, string> $tokens): dict<int, string> {
       // we need to handle sequences that look like comments, but are inside quoted strings. to do that, we also need to know when quoted strings start and end
       // since a comment could contain a quote, and a quote could contain a comment, we can't safely process either first without being aware of the other
       // so first we check if the next token should be escaped, and then if it's a quote character
-      if ($token === '\\') {
+      // checking for !$escape_next here checks for \\\\ sequences
+      if ($token === '\\' && !$escape_next) {
         $escape_next = true;
       } else {
         $escape_next = false;
diff --git a/tests/InsertQueryTest.php b/tests/InsertQueryTest.php
index 241030b..b9e0565 100644
--- a/tests/InsertQueryTest.php
+++ b/tests/InsertQueryTest.php
@@ -13,8 +13,8 @@ final class InsertQueryTest extends HackTest {
   public static async function beforeFirstTestAsync(): Awaitable<void> {
     init(TEST_SCHEMA, true);
     $pool = new AsyncMysqlConnectionPool(darray[]);
-    static::$conn = await $pool->connect("example", 1, 'db1', '', '');
-    // block hole logging
+    static::$conn = await $pool->connect('example', 1, 'db1', '', '');
+    // black hole logging
     Logger::setHandle(new \Facebook\CLILib\TestLib\StringOutput());
   }
 
@@ -306,4 +306,20 @@ final class InsertQueryTest extends HackTest {
     ]);
   }
 
+  public async function testDupeInsertEscaping(): Awaitable<void> {
+    $conn = static::$conn as nonnull;
+    await $conn->query(<<<'EOT'
+      INSERT INTO table1 (`id`,`name`) VALUES (123456789, 'xÚdfíá()ÊÏMÊÏKòáÂÕÿfl©99ùåp>sQj¤Ø©¸¨©=)7±(I{^PSj\\%Krbv*+#©¶ Ì\0Ma\0a\0¤Ý7\\')
+      ON DUPLICATE KEY UPDATE `name`='xÚdfíá()ÊÏMÊÏKòáÂÕÿfl©99ùåp>sQj¤Ø©¸¨©=)7±(I{^PSj\\%Krbv*+#©¶ Ì\0Ma\0a\0¤Ý7\\'
+EOT
+    );
+    $results = await $conn->query("SELECT * FROM table1");
+    expect($results->rows())->toBeSame(vec[
+      dict[
+        'id' => 123456789,
+        'name' =>
+          "xÚdfíá()ÊÏMÊÏKòáÂÕÿfl©99ùåp>sQj¤Ø©¸¨©=)7±(I{^PSj\%Krbv*+#©¶ Ì\0Ma\0a\0¤Ý7\\",
+      ],
+    ]);
+  }
 }