From fa70fef03d337110f394dc25ef0b086ff2fce228 Mon Sep 17 00:00:00 2001
From: Ammar ELWazir <ammar.elwazir@amd.com>
Date: Wed, 3 Sep 2025 13:08:40 -0500
Subject: [PATCH] Fixing ROCPD SQL Inserts with strange text (#825)

* Fixing ROCPD SQL Inserts with strange text

* Apply suggestion from @Copilot

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* Update generateRocpd.cpp

---------

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
---
 projects/rocprofiler-sdk/source/lib/output/generateRocpd.cpp | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/projects/rocprofiler-sdk/source/lib/output/generateRocpd.cpp b/projects/rocprofiler-sdk/source/lib/output/generateRocpd.cpp
index 3e4406b35e..a08bdbf6e3 100644
--- a/projects/rocprofiler-sdk/source/lib/output/generateRocpd.cpp
+++ b/projects/rocprofiler-sdk/source/lib/output/generateRocpd.cpp
@@ -329,7 +329,10 @@ insert_value(std::string_view _name, const Tp& _value, TraitT = {})
                 return sql_insert_value{_name, std::string{"NULL"}};
             }
         }
-        return sql_insert_value{_name, fmt::format("'{}'", _value)};
+        // Sanitize string values before embedding into SQL to escape quotes and remove
+        // problematic control/separator characters.
+        auto _sanitized = sanitize_sql_string(std::string{_value});
+        return sql_insert_value{_name, fmt::format("'{}'", _sanitized)};
     }
     else
     {