Bug 1566944

Summary: cpdb does not handle special characters in its parameters
Product: [Community] Candlepin Reporter: Ales Dujicek <adujicek>
Component: candlepinAssignee: candlepin-bugs
Status: CLOSED WONTFIX QA Contact:
Severity: medium Docs Contact:
Priority: high    
Version: 2.1CC: bcourt, khowell, nmoumoul, redakkan
Target Milestone: ---Keywords: Triaged
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2023-11-22 15:06:16 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Ales Dujicek 2018-04-13 08:12:00 UTC 
Description of problem:

for example ampersand in password causes cpdb to fail when cpdb calls liquibase

# cpdb --create --schema-only --dbhost=localhost --dbport=5432 --database='candlepin1db' --user='candlepin1' --password='c&ndlepin1pw'

########## ERROR ############
Error running command: liquibase --driver=org.postgresql.Driver --classpath=/usr/share/java/postgresql-jdbc.jar:/var/lib/tomcat/webapps/candlepin/WEB-INF/classes/ --changeLogFile=db/changelog/changelog-create.xml --url=jdbc:postgresql://localhost:5432/candlepin1db --username=candlepin1 --password=c&ndlepin1pw --logLevel=severe migrate -Dcommunity=False
Status code: 32512
Command output: sh: ndlepin1pw: command not found
Errors:
  Command not passed

the problem is 

Version-Release number of selected component (if applicable):
candlepin-2.1.14-1.el7.noarch

How reproducible:
always

Steps to Reproduce:
1. use special character in --database --user or --password parameter of cpdb
Comment 3 Nikos Moumoulidis 2023-11-22 15:06:16 UTC 
Thank you for your interest in Candlepin. We have evaluated this request, and while we recognize that it is a valid request, we do not expect this to be implemented in the product in the foreseeable future. This is due to other priorities for the project, and not a reflection on the request itself. We are therefore closing this out as WONTFIX. If you have any concerns about this feel free to open a new bug with more up to date details. Thank you.