search

Teradata / PyTd

A Python Module to make it easy to script powerful interactions with Teradata Database in a DevOps friendly way.
MIT License
108 stars 43 forks source link

Dollar sign character in password passed via UdaExec.connect() kwargs causes exception #44

Closed ShaunCurrier closed 8 years ago

ShaunCurrier commented 8 years ago

The problem is the way that string replacement is being done on the following line: https://github.com/Teradata/PyTd/blob/master/teradata/udaexec.py#L583

    def _resolve(self, value, sections, default, errorMsg):
        error = None
        for section in sections:
            try:
                s = self.sections[section]
                newValue = UdaExecTemplate(
                    value.replace("$$", "$$$$")).substitute(**s)    # PROBLEM LINE HERE
                if value != newValue:
                    value = self._resolve(newValue, sections, None, errorMsg)
                else:
                    value = value.replace("$$", "$")
                error = None
                break
            except KeyError as e:
                error = e
        if error is not None:
            if default is not None:
                return default
            if errorMsg is not None:
                raise api.InterfaceError(api.CONFIG_ERROR, errorMsg)
            else:
                raise api.InterfaceError(
                    api.CONFIG_ERROR, "Unable to resolve variable \"{}\".  "
                    "Not found: {}".format(value, error))
        return value

The line marked with the comment above is the problem. The substitute() method relies on special use of dollar signs in strings being operated on, which is a problem when a password with a dollar sign in it rolls around.

escheie commented 8 years ago

Have you tried escaping the dollar sign with another dollar sign (e.g. “$$”). This is required when any configuration parameter contains a "$" that is not meant to reference an external parameter.

ShaunCurrier commented 8 years ago

Sorry, we didn't try that. Understand that dollar signs may be used for parameters, but can we get a better error message? Currently, the exception is raised from the depths of Python and it's not clear what's happening or why. If I understand your diagnosis correctly, what's happening is that the single dollar sign is interpreted as denoting a parameter, but the parameter name had no meaning (obviously because it was unintentional). In this situation, I'd hope for a meaningful error.

asifhj commented 8 years ago

Here is the fix for this issue

https://github.com/asifhj/PyTd

There is a pull request also for code merge

escheie commented 8 years ago

I've confirmed that escaping the $ with another $ does solve the issue.

It looks like if the dollar sign is anywhere but the last character of the password, than a more useful error message is returned.

teradata.api.InterfaceError: ('CONFIG_ERROR', 'Unable to resolve variable "pas$word". Not found: \'word\'')

But I do see the stack trace above when the $ is at the end of the password.

I'll work on a fix that will improve the error message and include instructions about how to escape the input if a parameter reference is unintended. Thanks for reporting.