]> git.ipfire.org Git - thirdparty/sqlalchemy/sqlalchemy.git/commitdiff
projects / thirdparty / sqlalchemy / sqlalchemy.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: a4de30c)
Fix connection string escaping for mssql+pyodbc
authorGord Thompson <gord@gordthompson.com>
Thu, 4 Jun 2020 18:38:13 +0000 (12:38 -0600)
committerGord Thompson <gord@gordthompson.com>
Thu, 4 Jun 2020 18:38:13 +0000 (12:38 -0600)
Fixes: #5373
Change-Id: Ia41e8f1ef8644c54d23ebfdf3f909c785adf0fb0

doc/build/changelog/unreleased_13/5373.rst [new file with mode: 0644] patch | blob
lib/sqlalchemy/connectors/pyodbc.py patch | blob | blame | history
test/dialect/mssql/test_engine.py patch | blob | blame | history

diff --git a/doc/build/changelog/unreleased_13/5373.rst b/doc/build/changelog/unreleased_13/5373.rst
new file mode 100644 (file)
index 0000000..4396fbd
--- /dev/null
+++ b/doc/build/changelog/unreleased_13/5373.rst
@@ -0,0 +1,8 @@
+.. change::
+    :tags: bug, mssql
+    :tickets: 5373
+
+    Fixed issue with assembling the ODBC connection string for the pyodbc
+    DBAPI. Tokens containing semicolons and/or braces "{}" were not being
+    correctly escaped, causing the ODBC driver to misinterpret the
+    connection string attributes.
\ No newline at end of file
diff --git a/lib/sqlalchemy/connectors/pyodbc.py b/lib/sqlalchemy/connectors/pyodbc.py
index df1b2afdbb18502f6e75abd8cb12bcc93e11aa57..57a1c54fb43c039dfe78d4bbb437752cfe94ffea 100644 (file)
--- a/lib/sqlalchemy/connectors/pyodbc.py
+++ b/lib/sqlalchemy/connectors/pyodbc.py
@@ -56,7 +56,7 @@ class PyODBCConnector(Connector):
 
             def check_quote(token):
                 if ";" in str(token):
-                    token = "'%s'" % token
+                    token = "{%s}" % token.replace("}", "}}")
                 return token
 
             keys = dict((k, check_quote(v)) for k, v in keys.items())
diff --git a/test/dialect/mssql/test_engine.py b/test/dialect/mssql/test_engine.py
index 734224ed1bf6b0752eef41030af14a93209d9e4b..2209414890eb103e32d87fda3ea5580d731b68f9 100644 (file)
--- a/test/dialect/mssql/test_engine.py
+++ b/test/dialect/mssql/test_engine.py
@@ -210,7 +210,7 @@ class ParseConnectTest(fixtures.TestBase):
 
     def test_pyodbc_token_injection(self):
         token1 = "someuser%3BPORT%3D50001"
-        token2 = "somepw%3BPORT%3D50001"
+        token2 = "some{strange}pw%3BPORT%3D50001"
         token3 = "somehost%3BPORT%3D50001"
         token4 = "somedb%3BPORT%3D50001"
 
@@ -224,8 +224,8 @@ class ParseConnectTest(fixtures.TestBase):
             [
                 [
                     "DRIVER={foob};Server=somehost%3BPORT%3D50001;"
-                    "Database=somedb%3BPORT%3D50001;UID='someuser;PORT=50001';"
-                    "PWD='somepw;PORT=50001'"
+                    "Database=somedb%3BPORT%3D50001;UID={someuser;PORT=50001};"
+                    "PWD={some{strange}}pw;PORT=50001}"
                 ],
                 {},
             ],
Mirror of https://github.com/sqlalchemy/sqlalchemy.git