From 9ddf0e11ef0e004ccf9002061e9191c7739d9eb6 Mon Sep 17 00:00:00 2001
From: Elena Shostak <165678770+elena-shostak@users.noreply.github.com>
Date: Thu, 17 Oct 2024 13:37:05 +0200
Subject: [PATCH] [ESQL] String escaping fix (#196643)

## Summary

To PR fix the problem with string escaping, we need to ensure that
backslashes are properly escaped in addition to double quotes.

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
 packages/kbn-esql-utils/src/utils/append_to_query.ts | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/packages/kbn-esql-utils/src/utils/append_to_query.ts b/packages/kbn-esql-utils/src/utils/append_to_query.ts
index 2820881810387..36af3c91a8f04 100644
--- a/packages/kbn-esql-utils/src/utils/append_to_query.ts
+++ b/packages/kbn-esql-utils/src/utils/append_to_query.ts
@@ -40,7 +40,8 @@ export function appendWhereClauseToESQLQuery(
     default:
       operator = '==';
   }
-  let filterValue = typeof value === 'string' ? `"${value.replace(/\"/g, '\\"')}"` : value;
+  let filterValue =
+    typeof value === 'string' ? `"${value.replace(/\\/g, '\\\\').replace(/\"/g, '\\"')}"` : value;
   // Adding the backticks here are they are needed for special char fields
   let fieldName = `\`${field}\``;