2013-02-07
| ||
04:40 | • Closed ticket [1c456ae75f]: Connection String parsing doesn't handle quoted semicolons plus 4 other changes artifact: 6ef716772f user: mistachkin | |
04:35 | Add HexPassword connection string property to work around the inability to include a literal semicolon in a connection string property value. Pursuant to [1c456ae75f]. check-in: d33b63cd51 user: mistachkin tags: trunk | |
01:37 | • Ticket [1c456ae75f] Connection String parsing doesn't handle quoted semicolons status still Open with 5 other changes artifact: 0c061ee849 user: mistachkin | |
2013-02-05
| ||
23:50 | • Ticket [1c456ae75f]: 7 changes artifact: 483b4b9f76 user: anonymous | |
23:46 | • New ticket [1c456ae75f]. artifact: 5b197321e3 user: anonymous | |
Ticket Hash: | 1c456ae75fb9f2dd816d1c63cf8a29710893cd12 | |||
Title: | Connection String parsing doesn't handle quoted semicolons | |||
Status: | Closed | Type: | Code_Defect | |
Severity: | Important | Priority: | Medium | |
Subsystem: | Connection | Resolution: | Works_As_Designed | |
Last Modified: | 2013-02-07 04:40:06 | |||
Version Found In: | 1.0.83.0 | |||
User Comments: | ||||
anonymous added on 2013-02-05 23:46:45:
Check-in [36bb982dd7] introduced a change to SQLiteConnection.cs (http://system.data.sqlite.org/index.html/fdiff?v1=d03ae8eb97caae2f&v2=aa259cba1b6765e4) that causes it to no longer handle quoted connection string values that contain embedded semicolons. As per the code comments (lines 1338-39), "The Split() function of SQLiteBase accounts for and properly skips semi-colons in quoted strings". However, this function call was replaced with string.Split in this commit, which introduces the bug. A short program that reproduces the problem (by opening a database with a semicolon in the filename) follows: SQLiteConnectionStringBuilder csb = new SQLiteConnectionStringBuilder { DataSource = @"C:\Temp\database.sqlite" }; Console.WriteLine(csb.ConnectionString); using (SQLiteConnection connection = new SQLiteConnection(csb.ConnectionString)) { connection.Open(); Console.WriteLine("success"); } csb = new SQLiteConnectionStringBuilder { DataSource = @"C:\Temp\data;base.sqlite" }; Console.WriteLine(csb.ConnectionString); using (SQLiteConnection connection = new SQLiteConnection(csb.ConnectionString)) { connection.Open(); // *** FAILS HERE WITH ARGUMENTEXCEPTION *** Console.WriteLine("success"); } anonymous added on 2013-02-05 23:50:35: Minor update: Bug was first introduced in 1.0.83.0. mistachkin added on 2013-02-07 01:37:00: In theory, this issue impacts the "Data Source", "Uri", "Full Uri", and "Password" properties. However, the "Uri" and "FullUri" properties are of type URI, which does not allow un-escaped semicolons, per RFC 3986. The "Data Source" property is a file name. Technically, these are allowed to contain semicolons on Windows; however, this is bad practice for several reasons: 1. They may be easily confused with colons. 2. They are the connection string property separator (i.e. this issue). 3. They may not be portable to other operating systems and/or environments. Finally, the "Password" property is free-form text. I propose solving this issue by adding an alternative property named "HexPassword" that allows an arbitrary sequence of bytes to be specified as the password via hexadecimal encoding. mistachkin added on 2013-02-07 04:40:06: The HexPassword connection string property has been added by check-in [d33b63cd51] on trunk. Per the previous comment, the remaining issue(s) are by design. |