BUG #2424: initdb Did Not Escape the Password
От | imacat |
---|---|
Тема | BUG #2424: initdb Did Not Escape the Password |
Дата | |
Msg-id | 200605070628.k476Sraj005082@wwwmaster.postgresql.org обсуждение исходный текст |
Ответы |
Re: BUG #2424: initdb Did Not Escape the Password
(imacat <imacat@mail.imacat.idv.tw>)
|
Список | pgsql-bugs |
The following bug has been logged online: Bug reference: 2424 Logged by: imacat Email address: imacat@mail.imacat.idv.tw PostgreSQL version: 8.1.3 Operating system: Linux Description: initdb Did Not Escape the Password Details: The initdb seems did not escape (PQescapeString) the password. The following is my test result, with password: ab'ds)24 imacat@atlas ~ % initdb -D /tmp/postgres -E utf8 --locale=en_US.utf8 -U postgres -W The files belonging to this database system will be owned by user "postgres". This user must also own the server process. The database cluster will be initialized with locale en_US.utf8. fixing permissions on existing directory /tmp/postgres ... ok creating directory /tmp/postgres/global ... ok creating directory /tmp/postgres/pg_xlog ... ok creating directory /tmp/postgres/pg_xlog/archive_status ... ok creating directory /tmp/postgres/pg_clog ... ok creating directory /tmp/postgres/pg_subtrans ... ok creating directory /tmp/postgres/pg_twophase ... ok creating directory /tmp/postgres/pg_multixact/members ... ok creating directory /tmp/postgres/pg_multixact/offsets ... ok creating directory /tmp/postgres/base ... ok creating directory /tmp/postgres/base/1 ... ok creating directory /tmp/postgres/pg_tblspc ... ok selecting default max_connections ... 100 selecting default shared_buffers ... 1000 creating configuration files ... ok creating template1 database in /tmp/postgres/base/1 ... ok initializing pg_authid ... ok Enter new superuser password: Enter it again: setting password ... FATAL: syntax error at or near "ds" at character 41 child process exited with exit code 1 initdb: removing contents of data directory "/tmp/postgres" imacat@atlas ~ % I have attached a patch that seems to solve this issue. It works for me. Please tell me if there is any problem. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 diff -u -r postgresql-8.1.3.orig/src/bin/initdb/initdb.c postgresql-8.1.3/src/bin/initdb/initdb.c - --- postgresql-8.1.3.orig/src/bin/initdb/initdb.c 2005-11-23 02:23:26.000000000 +0800 +++ postgresql-8.1.3/src/bin/initdb/initdb.c 2006-05-07 14:07:30.000000000 +0800 @@ -1420,9 +1420,10 @@ { PG_CMD_DECL; - - char *pwd1, + char *pwd1, *pwdesc, *pwd2; char pwdpath[MAXPGPATH]; + size_t pwdlen; struct stat statbuf; if (pwprompt) @@ -1484,8 +1485,11 @@ PG_CMD_OPEN; + pwdlen = strlen(pwd1); + pwdesc = (char *)pg_malloc(pwdlen * 2 + 1); + PQescapeString(pwdesc, pwd1, pwdlen); PG_CMD_PRINTF2("ALTER USER \"%s\" WITH PASSWORD '%s';\n", - - effective_user, pwd1); + effective_user, pwdesc); PG_CMD_CLOSE; -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) iD8DBQFEXY7Vi9gubzC5S1wRAmuJAJ0UxXXuLQHDa2rPTUxZTgM0iIn8/wCgih3o cIMfUjN+Y6F0zHFSgmxrA2k= =pvBZ -----END PGP SIGNATURE-----
В списке pgsql-bugs по дате отправления: