From 87470a0afb1a2fe960e0b330e2732156fe4efaba Mon Sep 17 00:00:00 2001
From: James Cor
Date: Tue, 18 Nov 2025 17:35:29 -0800
Subject: [PATCH 1/4] unsafe string access in SQL
---
 sql/types/decimal.go | 10 +++++-----
 sql/types/json.go | 3 ++-
 2 files changed, 7 insertions(+), 6 deletions(-)
diff --git a/sql/types/decimal.go b/sql/types/decimal.go
index ea51479d78..ca44b2adaf 100644
--- a/sql/types/decimal.go
+++ b/sql/types/decimal.go
@@ -17,14 +17,14 @@ package types
 import (
 "context"
 "fmt"
- "math/big"
- "reflect"
- "strings"
-
+ "github.com/dolthub/go-mysql-server/sql/encodings"
 "github.com/dolthub/vitess/go/sqltypes"
 "github.com/dolthub/vitess/go/vt/proto/query"
 "github.com/shopspring/decimal"
 "gopkg.in/src-d/go-errors.v1"
+ "math/big"
+ "reflect"
+ "strings"
 "github.com/dolthub/go-mysql-server/sql"
 "github.com/dolthub/go-mysql-server/sql/values"
@@ -342,7 +342,7 @@ func (t DecimalType_) SQL(ctx *sql.Context, dest []byte, v interface{}) (sqltype
 if err != nil {
 return sqltypes.Value{}, err
 }
- val := AppendAndSliceString(dest, t.DecimalValueStringFixed(value.Decimal))
+ val := encodings.StringToBytes(t.DecimalValueStringFixed(value.Decimal))
 return sqltypes.MakeTrusted(sqltypes.Decimal, val), nil
 }
diff --git a/sql/types/json.go b/sql/types/json.go
index 64ba15842c..9e6761f1b1 100644
--- a/sql/types/json.go
+++ b/sql/types/json.go
@@ -17,6 +17,7 @@ package types
 import (
 "context"
 "encoding/json"
+ "github.com/dolthub/go-mysql-server/sql/encodings"
 "reflect"
 "github.com/dolthub/vitess/go/sqltypes"
@@ -166,7 +167,7 @@ func (t JsonType) SQL(ctx *sql.Context, dest []byte, v interface{}) (sqltypes.Va
 if err != nil {
 return sqltypes.NULL, err
 }
- val = AppendAndSliceString(dest, str)
+ val = encodings.StringToBytes(str)
 }
 return sqltypes.MakeTrusted(sqltypes.TypeJSON, val), nil
From 468993152c443cbd2f419fec15c37be95deb5db7 Mon Sep 17 00:00:00 2001
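Review bot: In `DecimalType_.SQL` (sql/types/decimal.go, the `-342,7` hunk) `val` no longer lands in the caller's `dest` buffer; it now comes from `encodings.StringToBytes`, which, going by the commit subject, is presumably a zero-copy unsafe view of the string rather than a copy. `sqltypes.MakeTrusted` keeps the slice it is handed, so the returned Value would alias immutable string memory, and any consumer that writes into those bytes in place would hit undefined behaviour instead of editing its own buffer. The same applies to `JsonType.SQL` in this patch and to `DecimalType_.SQLValue` in patch 3/4. I would state the contract at each call site, e.g. `// val aliases an immutable string: the bytes of the returned Value must never be written to`, and say in the doc comment that `dest` is now ignored. Both function bodies start outside their hunks, so the callers' use of `dest` is not visible here.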
From: James Cor
Date: Tue, 18 Nov 2025 17:37:20 -0800
Subject: [PATCH 2/4] string concat instead of sprintf
---
 sql/analyzer/costed_index_scan.go | 2 +-
 sql/planbuilder/ddl.go | 5 +++--
 2 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/sql/analyzer/costed_index_scan.go b/sql/analyzer/costed_index_scan.go
index 62386ff036..b5fa511169 100644
--- a/sql/analyzer/costed_index_scan.go
+++ b/sql/analyzer/costed_index_scan.go
@@ -1086,7 +1086,7 @@ type iScanLeaf struct {
 func (l *iScanLeaf) normString() string {
 if l.underlying != "" {
- return fmt.Sprintf("%s.%s", strings.ToLower(l.underlying), strings.ToLower(l.gf.Name()))
+ return strings.ToLower(l.underlying) + "." + strings.ToLower(l.gf.Name())
 }
 return strings.ToLower(l.gf.String())
 }
diff --git a/sql/planbuilder/ddl.go b/sql/planbuilder/ddl.go
index 5380548945..758b57410a 100644
--- a/sql/planbuilder/ddl.go
+++ b/sql/planbuilder/ddl.go
@@ -1726,11 +1726,12 @@ func (b *Builder) resolveColumnDefaultExpression(inScope *scope, columnDef *sql.
 // Empty string is a special case, it means the default value is the empty string
 // TODO: why isn't this serialized as ''
- if def.String() == "" {
+ defStr := def.String()
+ if defStr == "" {
 return b.convertDefaultExpression(inScope, &ast.SQLVal{Val: []byte{}, Type: ast.StrVal}, columnDef.Type, columnDef.Nullable)
 }
- parsed, err := b.parser.ParseSimple(fmt.Sprintf("SELECT %s", def))
+ parsed, err := b.parser.ParseSimple("SELECT " + defStr)
 if err != nil {
 err := sql.ErrInvalidColumnDefaultValue.Wrap(err, def)
 b.handleErr(err)
From cfe6ceb4472bd8a6f34af5911a6a13d610ea43fc Mon Sep 17 00:00:00 2001
From: James Cor
Date: Tue, 18 Nov 2025 18:22:29 -0800
Subject: [PATCH 3/4] more unsafe
---
 sql/types/decimal.go | 2 +-
 sql/types/enum.go | 2 +-
 sql/types/set.go | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/sql/types/decimal.go b/sql/types/decimal.go
index ca44b2adaf..611d17f2a6 100644
--- a/sql/types/decimal.go
+++ b/sql/types/decimal.go
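Review bot: In sql/planbuilder/ddl.go, `b.parser.ParseSimple("SELECT " + defStr)` parses the column default as free-form SQL text, and nothing in the hunk documents what shape the parsed statement must have. The rest of `resolveColumnDefaultExpression` lies outside the hunk, so I cannot see whether `parsed` is checked to be a single bare select expression before it is used. If that check exists, a short comment here would make the assumption visible, e.g. `// defStr is re-parsed as SQL; only a single select expression with no FROM clause is accepted below`. If it does not, it is worth adding, since a default string carrying extra clauses would otherwise parse as a wider statement.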
@@ -351,7 +351,7 @@ func (t DecimalType_) SQLValue(ctx *sql.Context, v sql.Value, dest []byte) (sqlt
 return sqltypes.NULL, nil
 }
 d := values.ReadDecimal(v.Val)
- return sqltypes.MakeTrusted(sqltypes.Decimal, []byte(t.DecimalValueStringFixed(d))), nil
+ return sqltypes.MakeTrusted(sqltypes.Decimal, encodings.StringToBytes(t.DecimalValueStringFixed(d))), nil
 }
 // String implements Type interface.
diff --git a/sql/types/enum.go b/sql/types/enum.go
index 5db9cfde81..df93751dcb 100644
--- a/sql/types/enum.go
+++ b/sql/types/enum.go
@@ -289,7 +289,7 @@ func (t EnumType) SQLValue(ctx *sql.Context, v sql.Value, dest []byte) (sqltypes
 }
 // TODO: write append style encoder
- res, ok := charset.Encoder().Encode([]byte(value))
+ res, ok := charset.Encoder().Encode(encodings.StringToBytes(value))
 if !ok {
 if len(value) > 50 {
 value = value[:50]
diff --git a/sql/types/set.go b/sql/types/set.go
index 6bba11ac11..0914ce6970 100644
--- a/sql/types/set.go
+++ b/sql/types/set.go
@@ -285,7 +285,7 @@ func (t SetType) SQLValue(ctx *sql.Context, v sql.Value, dest []byte) (sqltypes.
 }
 // TODO: write append style encoder
- res, ok := resultCharset.Encoder().Encode([]byte(value))
+ res, ok := resultCharset.Encoder().Encode(encodings.StringToBytes(value))
 if !ok {
 if len(value) > 50 {
 value = value[:50]
From ca636a768c3127d0bd63576b6dff3cc60a66843d Mon Sep 17 00:00:00 2001
From: jycor
Date: Wed, 19 Nov 2025 05:48:36 +0000
Subject: [PATCH 4/4] [ga-format-pr] Run ./format_repo.sh to fix formatting
---
 sql/types/decimal.go | 9 +++++----
 sql/types/json.go | 2 +-
 2 files changed, 6 insertions(+), 5 deletions(-)
diff --git a/sql/types/decimal.go b/sql/types/decimal.go
index 611d17f2a6..f430a0b159 100644
--- a/sql/types/decimal.go
+++ b/sql/types/decimal.go
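Review bot: In `EnumType.SQLValue` (sql/types/enum.go) the encoder now receives `encodings.StringToBytes(value)`, presumably a zero-copy view of `value`, so correctness depends on every `Encode` implementation treating its input as read-only. The encoders are not visible in this patch. If any of them transforms its input in place, it would now write into string memory, and one that returns its input unchanged would make `res` alias `value`. I would record the requirement at the call, e.g. `// Encode must not modify or retain its argument: the slice aliases value`, or keep `[]byte(value)` for charsets whose encoder has not been audited. `SetType.SQLValue` in sql/types/set.go has the same call and needs the same treatment. Both bodies extend beyond their hunks.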
@@ -17,16 +17,17 @@ package types
 import (
 "context"
 "fmt"
- "github.com/dolthub/go-mysql-server/sql/encodings"
+ "math/big"
+ "reflect"
+ "strings"
+
 "github.com/dolthub/vitess/go/sqltypes"
 "github.com/dolthub/vitess/go/vt/proto/query"
 "github.com/shopspring/decimal"
 "gopkg.in/src-d/go-errors.v1"
- "math/big"
- "reflect"
- "strings"
 "github.com/dolthub/go-mysql-server/sql"
+ "github.com/dolthub/go-mysql-server/sql/encodings"
 "github.com/dolthub/go-mysql-server/sql/values"
 )
diff --git a/sql/types/json.go b/sql/types/json.go
index 9e6761f1b1..474f91bcaa 100644
--- a/sql/types/json.go
+++ b/sql/types/json.go
@@ -17,7 +17,6 @@ package types
 import (
 "context"
 "encoding/json"
- "github.com/dolthub/go-mysql-server/sql/encodings"
 "reflect"
 "github.com/dolthub/vitess/go/sqltypes"
@@ -25,6 +24,7 @@ import (
 "github.com/shopspring/decimal"
 "github.com/dolthub/go-mysql-server/sql"
+ "github.com/dolthub/go-mysql-server/sql/encodings"
 )
 var (