rohany/vault

vault: deal with SQL injection possibilities from `query`

rohany opened this issue · 3 comments

The query command currently takes in a raw SQL expression to apply to the existing instances. A malicious user could mess up internal vault state with a SQL injection attack.

Now that #17 has landed, all that remains here is to ensure that we properly escape values within strings input to the Vault DSL.

I don't think that this is actually possible in the current status of the DSL.
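The issue body describes the risk (a raw SQL fragment handed to `query`) and the second comment the remaining work (values inside strings in the Vault DSL). The following Python example is added here for illustration and is not code from the vault project: it puts the unsafe splice beside a small filter DSL that is compiled to parameterized SQL, so values are bound rather than escaped. The `instances` table, its columns, the DSL grammar and all function names are assumptions made for the example.

```python
import re
import sqlite3

# Constructed sample rows; the real project's schema is not shown on the page.
SAMPLE_INSTANCES = [
    ("web-1", "us-east", "running"),
    ("web-2", "us-east", "stopped"),
    ("db-1", "eu-west", "running"),
]

# Hypothetical allow-list of filterable columns (assumed, not from the project).
ALLOWED_FIELDS = {"name", "region", "status"}

# One term of a hypothetical filter DSL: field = 'value' or field != 'value'.
# A literal single quote inside a value is written doubled (''), as in SQL.
_TERM = re.compile(r"\s*(\w+)\s*(=|!=)\s*'((?:[^']|'')*)'\s*")
_AND = re.compile(r"and\s+", re.IGNORECASE)


def open_db():
    """In-memory SQLite database holding the constructed sample instances."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE instances (name TEXT, region TEXT, status TEXT)")
    conn.executemany("INSERT INTO instances VALUES (?, ?, ?)", SAMPLE_INSTANCES)
    return conn


def query_unsafe(conn, where_clause):
    """The pattern the issue describes: caller-supplied SQL spliced into the statement.
    Whatever the caller writes becomes part of the query, so the filter can be rewritten."""
    sql = f"SELECT name FROM instances WHERE {where_clause} ORDER BY name"
    return [row[0] for row in conn.execute(sql)]


def compile_filter(dsl):
    """Translate DSL text into (sql_fragment, params).

    Field names are checked against an allow-list and emitted into the SQL text
    (they cannot be bound); values are returned as bind parameters and never
    appear in the SQL text, so quotes inside a value need no escaping at all.
    """
    sql_parts, params, pos = [], [], 0
    while pos < len(dsl):
        m = _TERM.match(dsl, pos)
        if not m:
            raise ValueError(f"cannot parse filter at offset {pos}: {dsl[pos:]!r}")
        field, op, value = m.group(1), m.group(2), m.group(3).replace("''", "'")
        if field not in ALLOWED_FIELDS:
            raise ValueError(f"unknown field {field!r}")
        sql_parts.append(f"{field} {op} ?")
        params.append(value)
        pos = m.end()
        if pos < len(dsl):
            kw = _AND.match(dsl, pos)
            if not kw:
                raise ValueError(f"expected 'and' at offset {pos}: {dsl[pos:]!r}")
            pos = kw.end()
            if pos >= len(dsl):
                raise ValueError("dangling 'and' at end of filter")
    if not sql_parts:
        raise ValueError("empty filter")
    return " AND ".join(sql_parts), params


def query_safe(conn, dsl):
    """Run a DSL filter with every value passed as a bind parameter."""
    where, params = compile_filter(dsl)
    sql = f"SELECT name FROM instances WHERE {where} ORDER BY name"
    return [row[0] for row in conn.execute(sql, params)]


if __name__ == "__main__":
    db = open_db()
    print(query_unsafe(db, "status = 'running'"))  # ['db-1', 'web-1']
    print(query_unsafe(db, "status = 'x' OR 1=1"))  # ['db-1', 'web-1', 'web-2']: filter rewritten
    print(query_safe(db, "status = 'running' and region = 'us-east'"))  # ['web-1']
    try:
        query_safe(db, "status = 'x' OR 1=1")  # not valid DSL, rejected before any SQL runs
    except ValueError as exc:
        print("rejected:", exc)
```

The design point is that binding beats escaping: an escaped value still travels through the SQL text and is only as safe as the escaping routine and the database's quoting rules, while a bound parameter is handed to the driver separately and can contain any characters. Column names cannot be bound, which is why the compiler validates them against a fixed allow-list instead.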