mirror of
https://github.com/ckaczor/sqltoolsservice.git
synced 2026-02-16 10:58:30 -05:00
Use proper SecureString construction to avoid empty password issues (#417)
This commit is contained in:
@@ -175,25 +175,22 @@ namespace Microsoft.SqlTools.ServiceLayer.Admin
|
|||||||
internal static DatabaseTaskHelper CreateDatabaseTaskHelper(ConnectionInfo connInfo, bool databaseExists = false)
|
internal static DatabaseTaskHelper CreateDatabaseTaskHelper(ConnectionInfo connInfo, bool databaseExists = false)
|
||||||
{
|
{
|
||||||
XmlDocument xmlDoc = CreateDataContainerDocument(connInfo, databaseExists);
|
XmlDocument xmlDoc = CreateDataContainerDocument(connInfo, databaseExists);
|
||||||
char[] passwordArray = connInfo.ConnectionDetails.Password.ToCharArray();
|
|
||||||
CDataContainer dataContainer;
|
CDataContainer dataContainer;
|
||||||
|
|
||||||
// check if the connection is using SQL Auth or Integrated Auth
|
// check if the connection is using SQL Auth or Integrated Auth
|
||||||
if (string.Equals(connInfo.ConnectionDetails.AuthenticationType, "SqlLogin", StringComparison.OrdinalIgnoreCase))
|
if (string.Equals(connInfo.ConnectionDetails.AuthenticationType, "SqlLogin", StringComparison.OrdinalIgnoreCase))
|
||||||
{
|
{
|
||||||
unsafe
|
var passwordSecureString = new System.Security.SecureString();
|
||||||
{
|
foreach (char c in connInfo.ConnectionDetails.Password) {
|
||||||
fixed (char* passwordPtr = passwordArray)
|
passwordSecureString.AppendChar(c);
|
||||||
{
|
|
||||||
dataContainer = new CDataContainer(
|
|
||||||
CDataContainer.ServerType.SQL,
|
|
||||||
connInfo.ConnectionDetails.ServerName,
|
|
||||||
false,
|
|
||||||
connInfo.ConnectionDetails.UserName,
|
|
||||||
new System.Security.SecureString(passwordPtr, passwordArray.Length),
|
|
||||||
xmlDoc.InnerXml);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
dataContainer = new CDataContainer(
|
||||||
|
CDataContainer.ServerType.SQL,
|
||||||
|
connInfo.ConnectionDetails.ServerName,
|
||||||
|
false,
|
||||||
|
connInfo.ConnectionDetails.UserName,
|
||||||
|
passwordSecureString,
|
||||||
|
xmlDoc.InnerXml);
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
|
|||||||
Reference in New Issue
Block a user