From: | imacat <imacat(at)mail(dot)imacat(dot)idv(dot)tw> |
---|---|
To: | PostgreSQL Bugs <pgsql-bugs(at)postgresql(dot)org> |
Subject: | initdb Did Not Escape the Password |
Date: | 2006-05-07 06:10:48 |
Message-ID: | 20060507141024.FE19.IMACAT@mail.imacat.idv.tw |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-bugs |
Dear all,
The initdb seems did not escape (PQescapeString) the password. The
following is my test result, with password: ab'ds)24
imacat(at)atlas ~ % initdb -D /tmp/postgres -E utf8 --locale=en_US.utf8 -U postgres -W
The files belonging to this database system will be owned by user "postgres".
This user must also own the server process.
The database cluster will be initialized with locale en_US.utf8.
fixing permissions on existing directory /tmp/postgres ... ok
creating directory /tmp/postgres/global ... ok
creating directory /tmp/postgres/pg_xlog ... ok
creating directory /tmp/postgres/pg_xlog/archive_status ... ok
creating directory /tmp/postgres/pg_clog ... ok
creating directory /tmp/postgres/pg_subtrans ... ok
creating directory /tmp/postgres/pg_twophase ... ok
creating directory /tmp/postgres/pg_multixact/members ... ok
creating directory /tmp/postgres/pg_multixact/offsets ... ok
creating directory /tmp/postgres/base ... ok
creating directory /tmp/postgres/base/1 ... ok
creating directory /tmp/postgres/pg_tblspc ... ok
selecting default max_connections ... 100
selecting default shared_buffers ... 1000
creating configuration files ... ok
creating template1 database in /tmp/postgres/base/1 ... ok
initializing pg_authid ... ok
Enter new superuser password:
Enter it again:
setting password ... FATAL: syntax error at or near "ds" at character 41
child process exited with exit code 1
initdb: removing contents of data directory "/tmp/postgres"
imacat(at)atlas ~ %
I have attached a patch that seems to solve this issue. It works
for me. Please tell me if there is any problem.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
diff -u -r postgresql-8.1.3.orig/src/bin/initdb/initdb.c postgresql-8.1.3/src/bin/initdb/initdb.c
- --- postgresql-8.1.3.orig/src/bin/initdb/initdb.c 2005-11-23 02:23:26.000000000 +0800
+++ postgresql-8.1.3/src/bin/initdb/initdb.c 2006-05-07 14:07:30.000000000 +0800
@@ -1420,9 +1420,10 @@
{
PG_CMD_DECL;
- - char *pwd1,
+ char *pwd1, *pwdesc,
*pwd2;
char pwdpath[MAXPGPATH];
+ size_t pwdlen;
struct stat statbuf;
if (pwprompt)
@@ -1484,8 +1485,11 @@
PG_CMD_OPEN;
+ pwdlen = strlen(pwd1);
+ pwdesc = (char *)pg_malloc(pwdlen * 2 + 1);
+ PQescapeString(pwdesc, pwd1, pwdlen);
PG_CMD_PRINTF2("ALTER USER \"%s\" WITH PASSWORD '%s';\n",
- - effective_user, pwd1);
+ effective_user, pwdesc);
PG_CMD_CLOSE;
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
iD8DBQFEXY7Vi9gubzC5S1wRAmuJAJ0UxXXuLQHDa2rPTUxZTgM0iIn8/wCgih3o
cIMfUjN+Y6F0zHFSgmxrA2k=
=pvBZ
-----END PGP SIGNATURE-----
--
Best regards,
imacat ^_*' <imacat(at)mail(dot)imacat(dot)idv(dot)tw>
PGP Key: http://www.imacat.idv.tw/me/pgpkey.txt
<<Woman's Voice>> News: http://www.wov.idv.tw/
Tavern IMACAT's: http://www.imacat.idv.tw/
TLUG List Manager: http://lists.linux.org.tw/cgi-bin/mailman/listinfo/tlug
From | Date | Subject | |
---|---|---|---|
Next Message | imacat | 2006-05-07 06:28:53 | BUG #2424: initdb Did Not Escape the Password |
Previous Message | Bruce Momjian | 2006-05-06 23:15:54 | Re: BUG #2419: could not reattach to shared memory |