Bug: special char in dbname is not correctly handled
Reproduce Steps
First go to Postgres to create a database:
CREATE DATABASE "funny""db'with\\quotes";
Then run the following python code:
In [1]: import pgdb In [2]: dbname = 'funny\"db\'with\\\\quotes' In [3]: pgdb.connect(database=dbname) Out[3]: <pgdb.Connection at 0x10e4f0af0> In [4]: pgdb.connect(database=dbname, port=5432) --------------------------------------------------------------------------- InternalError Traceback (most recent call last) <ipython-input-4-ac96bf54cbc4> in <module> ----> 1 pgdb.connect(database=dbname, port=5432) /Library/Python/3.8/site-packages/pgdb.py in connect(dsn, user, password, host, database, **kwargs) 1725 # open the connection 1726 # noinspection PyArgumentList -> 1727 cnx = _connect(dbname, dbhost, dbport, dbopt, dbuser, dbpasswd) 1728 return Connection(cnx) 1729 InternalError: connection to server on socket "/tmp/.s.PGSQL.5432" failed: FATAL: database "funny"db'with\quotes" does not exist
The strange thing is:
- [3] is OK
- [4] errors out
RCA
[4] pass port=5432 as kwarg, so it will enter this line of code https://github.com/PyGreSQL/PyGreSQL/blob/master/pgdb.py#L1721, and here it only escape dbname when there is space in dbname.
And the dbname variable here is confusing, it will also add port in the string.