SERG-Delft
SQL string securing makes query string vendor specific.
When EvoSQL extracts the schema and prepares the SQL statement for coverage path extraction through sqlfpc, it securizes the query string where it sets table and column names to upper case and surrounds it with quotes: ". This is done to avoid problems with the dependencies that the GA uses, which can only deal with queries in a certain format. This way of securing the query makes the table and column names case sensitive which will cause trouble if coverage path SQL strings are later used to connect to the database, since the database will not recognize the given names.
We have currently removed the cases where names are capitalized (#28), however we are unsure whether this will cause undesired behavior.
Another problem is that the quotes are vendor specific. Table and column names are escaped differently based on the vendor, ` are used in MySQL for example. We have thought of this for the brew package where vendor options can be given. However if a query is given with the table names already escaped, brew can not guarantee it will remove the escape characters for a different vendor.
A possible solution that we have thought of is that we save the 'unsecured' string for later use in brew when the GA is executed, however the coverage paths will be in the Postgres format and these are very difficult to convert back to a normalized form.
