From 317a044e552ea33471a5f1a9c4d9368a71368fc6 Mon Sep 17 00:00:00 2001
From: Tom Hughes <tom@compton.nu>
Date: Wed, 27 Jul 2016 20:20:23 +0100
Subject: [PATCH 1/1] Escape passwords when creating postgres users

---
 cookbooks/postgresql/providers/user.rb | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/cookbooks/postgresql/providers/user.rb b/cookbooks/postgresql/providers/user.rb
index 5a1402d40..5df0f3847 100644
--- a/cookbooks/postgresql/providers/user.rb
+++ b/cookbooks/postgresql/providers/user.rb
@@ -17,6 +17,8 @@
 # limitations under the License.
 #
 
+require "shellwords"
+
 use_inline_resources
 
 def load_current_resource
@@ -35,7 +37,7 @@ def load_current_resource
 end
 
 action :create do
-  password = new_resource.password ? "ENCRYPTED PASSWORD '#{new_resource.password}'" : ""
+  password = new_resource.password ? "ENCRYPTED PASSWORD '#{new_resource.password.shellescape}'" : ""
   superuser = new_resource.superuser ? "SUPERUSER" : "NOSUPERUSER"
   createdb = new_resource.createdb ? "CREATEDB" : "NOCREATEDB"
   createrole = new_resource.createrole ? "CREATEROLE" : "NOCREATEROLE"
-- 
2.43.2