mirror of
https://github.com/django/django.git
synced 2025-01-03 15:06:09 +00:00
Refs #32061 -- Added test for dbshell password leak on PostgreSQL.
This commit is contained in:
parent
bbe6fbb876
commit
eb25fdb620
3
tests/dbshell/fake_client.py
Executable file
3
tests/dbshell/fake_client.py
Executable file
@ -0,0 +1,3 @@
|
|||||||
|
import sys
|
||||||
|
|
||||||
|
sys.exit(1)
|
@ -1,4 +1,7 @@
|
|||||||
import signal
|
import signal
|
||||||
|
import subprocess
|
||||||
|
import sys
|
||||||
|
from pathlib import Path
|
||||||
from unittest import mock, skipUnless
|
from unittest import mock, skipUnless
|
||||||
|
|
||||||
from django.db import connection
|
from django.db import connection
|
||||||
@ -113,3 +116,13 @@ class PostgreSqlDbshellCommandTestCase(SimpleTestCase):
|
|||||||
connection.client.runshell([])
|
connection.client.runshell([])
|
||||||
# dbshell restores the original handler.
|
# dbshell restores the original handler.
|
||||||
self.assertEqual(sigint_handler, signal.getsignal(signal.SIGINT))
|
self.assertEqual(sigint_handler, signal.getsignal(signal.SIGINT))
|
||||||
|
|
||||||
|
def test_crash_password_does_not_leak(self):
|
||||||
|
# The password doesn't leak in an exception that results from a client
|
||||||
|
# crash.
|
||||||
|
args, env = self.settings_to_cmd_args_env({'PASSWORD': 'somepassword'}, [])
|
||||||
|
fake_client = Path(__file__).with_name('fake_client.py')
|
||||||
|
args[0:1] = [sys.executable, str(fake_client)]
|
||||||
|
with self.assertRaises(subprocess.CalledProcessError) as ctx:
|
||||||
|
subprocess.run(args, check=True, env=env)
|
||||||
|
self.assertNotIn('somepassword', str(ctx.exception))
|
||||||
|
Loading…
Reference in New Issue
Block a user