fix(backend): SQLのサニタイズを強化 (#14920)

* Fix code scanning alert no. 28: Incomplete string escaping or encoding (MisskeyIO#800) Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> (cherry picked from commit 443335c662b14f609d6a81a8f3807e95709aebc1) * ✌️ --------- Co-authored-by: あわわわとーにゅ <17376330+u1-liquid@users.noreply.github.com>

fix(backend): SQLのサニタイズを強化 (#14920)
* Fix code scanning alert no. 28: Incomplete string escaping or encoding (MisskeyIO#800) Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> (cherry picked from commit 443335c662b14f609d6a81a8f3807e95709aebc1) * ✌️ --------- Co-authored-by: あわわわとーにゅ <17376330+u1-liquid@users.noreply.github.com>
98b4717c · かっこかり · GitHub · 8a4ce16e · 98b4717c
Unverified Commit 98b4717c authored 4 months ago by かっこかり Committed by GitHub 4 months ago
--- a/packages/backend/src/misc/sql-like-escape.ts
+++ b/packages/backend/src/misc/sql-like-escape.ts
@@ -4,5 +4,5 @@
 */

 export function sqlLikeEscape(s: string) {
-	return s.replace(/([%_])/g, '\\$1');
+	return s.replace(/([\\%_])/g, '\\$1');
 }