From: Paul Ramsey <pramsey@cleverelephant.ca>
Date: Wed, 23 Dec 2009 19:49:37 +0000 (+0000)
Subject: Sanitize the connection string displayed in the GUI log (#356)
X-Git-Tag: 1.5.0b1~51
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=80fd83584d73f0d7729ec371fc7c15c315466d45;p=postgis

Sanitize the connection string displayed in the GUI log (#356)


git-svn-id: http://svn.osgeo.org/postgis/trunk@5052 b70326c6-7e19-0410-871a-916f4a2858ee
---

diff --git a/loader/shp2pgsql-gui.c b/loader/shp2pgsql-gui.c
index 3285dd62e..789f18b5c 100644
--- a/loader/shp2pgsql-gui.c
+++ b/loader/shp2pgsql-gui.c
@@ -456,13 +456,26 @@ static void
 pgui_action_connection_test(GtkWidget *widget, gpointer data)
 {
 	char *connection_string = NULL;
+	char *connection_sanitized = NULL;
+	char *ptr = NULL;
 
 	if ( ! (connection_string = pgui_read_connection()) )
 	{
 		pgui_raise_error_dialogue();
 		return;
 	}
-	pgui_logf("Connecting: %s", connection_string);
+	
+	/* Clean the password out of the string before we display it. */
+	connection_sanitized = strdup(connection_string);
+	ptr = strstr(connection_sanitized, "password");
+	ptr += 9;
+	while( *ptr != ' ' && *ptr != '\0' )
+	{
+		*ptr = '*';
+		ptr++;
+	}
+	pgui_logf("Connecting: %s", connection_sanitized);
+	free(connection_sanitized);
 
 	if ( pg_connection )
 		PQfinish(pg_connection);