After some research tonight, I came to the conclusion that we need to give the column_type or column_name&table_name (so we can determinate the type) to sql_escape, so we can find out whether its binary data that is going to be handled or not. This however should be optional, so you can still use $db->sql_escape() as it works today.
I'd suggest to add a parameter $is_binary = false to sql_escape() and set this properly within _sql_validate_value(), therefore we need to either pass the column_name&table_name or column_type to that function aswell. I'd suggest to use the column_type here.
However if we want to fix this, we need to specify the table on sql_build_array()and sql_in_set(),[sql_multi_insert() already has it] if it can contain binary data.
I will try to turn my idea into a patch later today or tomorrow, so we can see whether its too much or not.