GORM Playground Link
https://github.com/go-gorm/playground/pull/511
Description
I created a Device model and automatically generated the table, then used the Select method to query its fields, with the results stored in a map[string]interface{}. But the set field threw an error because SQL injection happened.
```go
/* models */
type Device struct {
	Host     string  `gorm:"column:host"`
	Set      string  `gorm:"column:set"`
	CpuUsage float64 `gorm:"column:cpu_usage"`
}

/* main_test */
func TestGORM(t *testing.T) {
	device := Device{Host: "111.111.111.111", Set: "NY14536", CpuUsage: 6.31}
	DB.Create(&device)

	var result []map[string]interface{}
	fields := []string{"host", "cpu_usage", "set"}
	if err := DB.Debug().Table("devices").Select(fields).Find(&result).Error; err != nil {
		t.Errorf("Failed, got error: %v", err)
	}
}
```
Comment From: a631807682
https://gorm.io/docs/security.html#SQL-injection-Methods
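
An added example, not part of the issue or of GORM's own code: one way to check a field list against the columns declared on the `Device` model and quote each name before it reaches `Select`. The helper names `allowedColumns` and `SafeColumns` are hypothetical, and the backtick quote character assumes a MySQL-style dialect (PostgreSQL and SQLite use `"`).

```go
package main

import (
	"fmt"
	"reflect"
	"strings"
)

// Device is the model from the issue above.
type Device struct {
	Host     string  `gorm:"column:host"`
	Set      string  `gorm:"column:set"`
	CpuUsage float64 `gorm:"column:cpu_usage"`
}

// allowedColumns collects the column names declared in a model's gorm tags.
func allowedColumns(model interface{}) map[string]bool {
	t := reflect.TypeOf(model)
	if t.Kind() == reflect.Ptr {
		t = t.Elem()
	}
	cols := map[string]bool{}
	for i := 0; i < t.NumField(); i++ {
		for _, part := range strings.Split(t.Field(i).Tag.Get("gorm"), ";") {
			part = strings.TrimSpace(part)
			if strings.HasPrefix(part, "column:") && len(part) > len("column:") {
				cols[strings.TrimPrefix(part, "column:")] = true
			}
		}
	}
	return cols
}

// SafeColumns (hypothetical helper) rejects undeclared names and quotes the rest.
func SafeColumns(model interface{}, requested []string, quote string) ([]string, error) {
	allowed := allowedColumns(model)
	out := make([]string, 0, len(requested))
	for _, f := range requested {
		if !allowed[f] {
			return nil, fmt.Errorf("column %q is not declared on the model", f)
		}
		out = append(out, quote+strings.ReplaceAll(f, quote, quote+quote)+quote)
	}
	return out, nil
}

func main() {
	fmt.Println(SafeColumns(Device{}, []string{"host", "cpu_usage", "set"}, "`"))
	fmt.Println(SafeColumns(Device{}, []string{"host,set"}, "`")) // constructed input, rejected
}
```
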