fuzzbench icon indicating copy to clipboard operation
fuzzbench copied to clipboard
verified publisher icon google

Cloud Config: Passwords with non-alphanumeric characters might not work.

Open mvanotti opened this issue 2 years ago • 4 comments

I am following the documentation for setting up a cloud project and they mention to set up a password for the sql database. I used a chrome auto-suggested password that contained non-alphabetic characters ('@', '.', and ':'), and that caused the alembic upgrade command to fail:

PYTHONPATH=. alembic upgrade head

  File "/data/fuzzbench/database/alembic/env.py", line 90, in <module>                                                                     
    run_migrations_online()                                                                                                                
  File "/data/fuzzbench/database/alembic/env.py", line 73, in run_migrations_online                                                        
    connectable = engine_from_config(                                                                                                      
  File "/data/fuzzbench/.venv/lib/python3.10/site-packages/sqlalchemy/engine/create.py", line 743, in engine_from_config                   
    return create_engine(url, **options)                                                                                                   
  File "<string>", line 2, in create_engine                                                                                                
  File "/data/fuzzbench/.venv/lib/python3.10/site-packages/sqlalchemy/util/deprecations.py", line 309, in warned                           
    return fn(*args, **kwargs)                                                                                                             
  File "/data/fuzzbench/.venv/lib/python3.10/site-packages/sqlalchemy/engine/create.py", line 518, in create_engine                        
    u = _url.make_url(url)                                                                                                                 
  File "/data/fuzzbench/.venv/lib/python3.10/site-packages/sqlalchemy/engine/url.py", line 725, in make_url                                
    return _parse_rfc1738_args(name_or_url)                                                                                                
  File "/data/fuzzbench/.venv/lib/python3.10/site-packages/sqlalchemy/engine/url.py", line 781, in _parse_rfc1738_args                     
    components["port"] = int(components["port"])                                                                                           
ValueError: invalid literal for int() with base 10: '@127.0.0.1:5432'

It seems like the regexp used to parse the database url does not support a password with strange characters. A workaround is to remove the offending characters from the password.

mvanotti avatar Mar 29 '23 21:03 mvanotti

Sorry, I am not sure if I understood you correctly. Would removing the offending characters affect the correctness of the password?

Alternatively, we can emphasize that non-alphabetic characters are not supported for now.

DonggeLiu avatar Apr 03 '23 01:04 DonggeLiu

The password is correct and valid (with the non-alphanumeric characters).

The problem is that the alembic script needs to escape the url before calling create_engine. See the SQL Alchemy docs for the explanation.

They propose two solutions: either use urllib to escape the password before setting it, or using a URL object in sql alchemy. Sadly, it seems like fuzzbench's sqlalchemy version doesn't have the URL module, so it might need to be updated first.

mvanotti avatar Apr 03 '23 13:04 mvanotti

On top of the issue with the url quotes, the config set option uses python interpolation strings, so it fails when the password contains %. I uploaded a PR that addresses these two issues, but needs more testing.

mvanotti avatar Apr 03 '23 16:04 mvanotti

Thanks!

DonggeLiu avatar Apr 11 '23 00:04 DonggeLiu