From e20a2dcf833c396da44e7a94d0eedb75e84a3fdb Mon Sep 17 00:00:00 2001
From: Wing-Kam Wong <wingkwong.code@gmail.com>
Date: Tue, 28 Jun 2022 11:36:19 +0800
Subject: [PATCH] fix: sanitize column name & unsanitize raw query

---
 .../nocodb/src/lib/db/sql-data-mapper/lib/sql/BaseModelSqlv2.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/packages/nocodb/src/lib/db/sql-data-mapper/lib/sql/BaseModelSqlv2.ts b/packages/nocodb/src/lib/db/sql-data-mapper/lib/sql/BaseModelSqlv2.ts
index e575d7e54d..fe24eebae1 100644
--- a/packages/nocodb/src/lib/db/sql-data-mapper/lib/sql/BaseModelSqlv2.ts
+++ b/packages/nocodb/src/lib/db/sql-data-mapper/lib/sql/BaseModelSqlv2.ts
@@ -311,7 +311,7 @@ class BaseModelSqlv2 {
       );
     }
 
-    qb.count(this.model.primaryKey?.column_name || '*', {
+    qb.count(sanitize(this.model.primaryKey?.column_name) || '*', {
       as: 'count'
     }).first();
     const res = (await this.dbDriver.raw(unsanitize(qb.toQuery()))) as any;