From: Paul Ramsey Date: Fri, 25 Dec 2009 04:41:45 +0000 (+0000) Subject: Fix up another password leaking into the log (#356) X-Git-Tag: 1.5.0b1~49 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=9d6709c85774a5aa93d72587823ba60d7f4921c2;p=postgis Fix up another password leaking into the log (#356) git-svn-id: http://svn.osgeo.org/postgis/trunk@5054 b70326c6-7e19-0410-871a-916f4a2858ee --- diff --git a/loader/shp2pgsql-gui.c b/loader/shp2pgsql-gui.c index fbddfd8a3..24f2cc5e1 100644 --- a/loader/shp2pgsql-gui.c +++ b/loader/shp2pgsql-gui.c @@ -452,12 +452,27 @@ pgui_action_cancel(GtkWidget *widget, gpointer data) import_running = FALSE; } +static void +pgui_sanitize_connection_string(char *connection_string) +{ + char *ptr = strstr(connection_string, "password"); + if ( ptr ) + { + ptr += 9; + while( *ptr != ' ' && *ptr != '\0' ) + { + *ptr = '*'; + ptr++; + } + } + return; +} + static void pgui_action_connection_test(GtkWidget *widget, gpointer data) { char *connection_string = NULL; char *connection_sanitized = NULL; - char *ptr = NULL; if ( ! (connection_string = pgui_read_connection()) ) { @@ -465,18 +480,8 @@ pgui_action_connection_test(GtkWidget *widget, gpointer data) return; } - /* Clean the password out of the string before we display it. */ connection_sanitized = strdup(connection_string); - ptr = strstr(connection_sanitized, "password"); - if ( ptr ) - { - ptr += 9; - while( *ptr != ' ' && *ptr != '\0' ) - { - *ptr = '*'; - ptr++; - } - } + pgui_sanitize_connection_string(connection_string); pgui_logf("Connecting: %s", connection_sanitized); free(connection_sanitized); @@ -585,6 +590,7 @@ static void pgui_action_import(GtkWidget *widget, gpointer data) { char *connection_string = NULL; + char *connection_sanitized = NULL; char *dest_string = NULL; int ret, i = 0; char *header, *footer, *record; @@ -610,9 +616,12 @@ pgui_action_import(GtkWidget *widget, gpointer data) } /* Log what we know so far */ - pgui_logf("Connection: %s", connection_string); + connection_sanitized = strdup(connection_string); + pgui_sanitize_connection_string(connection_sanitized); + pgui_logf("Connection: %s", connection_sanitized); pgui_logf("Destination: %s.%s", config->schema, config->table); pgui_logf("Source File: %s", config->shp_file); + free(connection_sanitized); /* Connect to the database. */ if ( pg_connection ) PQfinish(pg_connection);