ckaczor/sqltoolsservice
1
0
Fork 0
mirror of https://github.com/ckaczor/sqltoolsservice.git synced 2026-01-14 01:25:40 -05:00
Code Issues Packages Projects Releases Wiki Activity

Use proper SecureString construction to avoid empty password issues (#417)

Browse Source
This commit is contained in:
Matt Irvine
2017-07-18 13:40:26 -07:00
committed by GitHub
parent d5b2bcdcb7
commit 58a342a51b
1 changed files with 10 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

23
src/Microsoft.SqlTools.ServiceLayer/Admin/AdminService.cs
View File

@@ -175,25 +175,22 @@ namespace Microsoft.SqlTools.ServiceLayer.Admin
internal static DatabaseTaskHelper CreateDatabaseTaskHelper(ConnectionInfo connInfo, bool databaseExists = false)
{
XmlDocument xmlDoc = CreateDataContainerDocument(connInfo, databaseExists);
char[] passwordArray = connInfo.ConnectionDetails.Password.ToCharArray();
CDataContainer dataContainer;
// check if the connection is using SQL Auth or Integrated Auth
if (string.Equals(connInfo.ConnectionDetails.AuthenticationType, "SqlLogin", StringComparison.OrdinalIgnoreCase))
{
unsafe
{
fixed (char* passwordPtr = passwordArray)
{
dataContainer = new CDataContainer(
CDataContainer.ServerType.SQL,
connInfo.ConnectionDetails.ServerName,
false,
connInfo.ConnectionDetails.UserName,
new System.Security.SecureString(passwordPtr, passwordArray.Length),
xmlDoc.InnerXml);
}
var passwordSecureString = new System.Security.SecureString();
foreach (char c in connInfo.ConnectionDetails.Password) {
passwordSecureString.AppendChar(c);
}
dataContainer = new CDataContainer(
CDataContainer.ServerType.SQL,
connInfo.ConnectionDetails.ServerName,
false,
connInfo.ConnectionDetails.UserName,
passwordSecureString,
xmlDoc.InnerXml);
}
else
{