Fixed_unescaped_password.patch
application/octet-stream
Filename: Fixed_unescaped_password.patch
Type: application/octet-stream
Part: 0
diff --git a/pgadmin/frm/frmPgpassConfig.cpp b/pgadmin/frm/frmPgpassConfig.cpp
index e160601..40f5249 100644
--- a/pgadmin/frm/frmPgpassConfig.cpp
+++ b/pgadmin/frm/frmPgpassConfig.cpp
@@ -172,7 +172,25 @@ void frmPgpassConfig::WriteFile(pgConn *conn)
wxString str;
size_t i;
for (i = 0 ; i < lines.GetCount() - 1 ; i++)
- str.Append(lines.Item(i).GetText() + wxT("\n"));
+ {
+ // Before writing it into the file we need to escape "\" and ":"
+ pgPassConfigLine line = lines.Item(i);
+ line.hostname.Replace(wxT("\\"), wxT("\\\\"));
+ line.hostname.Replace(wxT(":") , wxT("\\:"));
+ line.port.Replace(wxT("\\"), wxT("\\\\"));
+ line.port.Replace(wxT(":") , wxT("\\:"));
+ line.database.Replace(wxT("\\"), wxT("\\\\"));
+ line.database.Replace(wxT(":") , wxT("\\:"));
+ line.username.Replace(wxT("\\"), wxT("\\\\"));
+ line.username.Replace(wxT(":") , wxT("\\:"));
+ line.password.Replace(wxT("\\"), wxT("\\\\"));
+ line.password.Replace(wxT(":") , wxT("\\:"));
+
+ wxString strLine = line.hostname + wxT(":") + line.port + wxT(":") +
+ line.database + wxT(":") + line.username + wxT(":") + line.password + wxT("\n");
+
+ str.Append(strLine);
+ }
if (DoWriteFile(str, NULL))
{
diff --git a/pgadmin/schema/pgServer.cpp b/pgadmin/schema/pgServer.cpp
index 906d7ec..5d999e3 100644
--- a/pgadmin/schema/pgServer.cpp
+++ b/pgadmin/schema/pgServer.cpp
@@ -585,6 +585,13 @@ void pgServer::StorePassword()
+ username + wxT(":") ;
}
+ // Escape ":" and "\" from the password field
+ if (!passwd.IsEmpty())
+ {
+ passwd.Replace(wxT("\\"), wxT("\\\\"));
+ passwd.Replace(wxT(":") , wxT("\\:"));
+ }
+
file.Read(before);
wxStringTokenizer lines(before, wxT("\n\r"));
diff --git a/pgadmin/utils/pgconfig.cpp b/pgadmin/utils/pgconfig.cpp
index a7d9a31..b59531f 100644
--- a/pgadmin/utils/pgconfig.cpp
+++ b/pgadmin/utils/pgconfig.cpp
@@ -570,17 +570,47 @@ void pgPassConfigLine::Init(const wxString &line)
isComment = line.StartsWith(wxT("#"));
- wxStringTokenizer tok(isComment ? line.Mid(1) : line, wxT(":"));
- if (tok.HasMoreTokens())
- hostname = tok.GetNextToken();
- if (tok.HasMoreTokens())
- port = tok.GetNextToken();
- if (tok.HasMoreTokens())
- database = tok.GetNextToken();
- if (tok.HasMoreTokens())
- username = tok.GetNextToken();
- if (tok.HasMoreTokens())
- password = tok.GetNextToken();
+ wxString tmpLine = line;
+ // De-escape backslash "\"
+ tmpLine.Replace(wxT("\\\\"), wxT("\\"));
+
+ int iVarCount = 0;
+ wxStringTokenizer tok(isComment ? tmpLine.Mid(1) : tmpLine, wxT(":"));
+ while(tok.HasMoreTokens())
+ {
+ wxString val = tok.GetNextToken();
+ if (!val.IsEmpty())
+ {
+ /* if last charecter of the token is backslash "\" then it means
+ that it is used to escape ":" so we need to add the next token.
+ */
+ while(val.Last() == wxT('\\'))
+ {
+ val.RemoveLast();
+ val = val + wxT(":") + tok.GetNextToken();
+ }
+
+ iVarCount++;
+ switch(iVarCount)
+ {
+ case 1: // hostname
+ hostname = val;
+ break;
+ case 2: // port
+ port = val;
+ break;
+ case 3: // database
+ database = val;
+ break;
+ case 4: //username
+ username = val;
+ break;
+ case 5: // password
+ password = val;
+ break;
+ }
+ }
+ }
}
wxString pgPassConfigLine::GetText()