fix: LISTEN with special characters in channel names (#119)

* Add test for `LISTEN` channel name containing special characters

Provides reproducible example for issue #118: A channel containing
special characters generates invalid SQL due to the pgo not escaping
such identifiers.

* Escape channel names in calls to `pgo_notifications:listen`

By escaping channel names on the way to the database, the `listen`
function is now able to function with special characters in channel
names, as well as being safe from SQL injection.

The names are NOT quoted when stored in the in-memory listener map,
so that the raw channel names match with the names reported by the
database when the notification occurs.

Closes #118

Author: foxfriends

src/pgo_notifications.erl

@@ -97,12 +97,15 @@ disconnected({call, {Pid, _}=From}, {listen, Channel}, Data=#data{listeners=List
 disconnected(EventType, EventContent, Data) ->
     handle_event(EventType, EventContent, Data).
 
+escape_channel_name(Name) ->
+    ["\"", string:replace(Name, "\"", "\"\"", all), "\""].
+
 connected(enter, _, #data{conn=Conn,
                           listener_channels=ListenerChannels}) ->
     case map_size(ListenerChannels) > 0 of
         true ->
             Channels = maps:keys(ListenerChannels),
-            ListenStatements = [["LISTEN ", Channel, "; "] || Channel <- Channels],
+            ListenStatements = [["LISTEN ", escape_channel_name(Channel), "; "] || Channel <- Channels],
             Query = ["DO $$BEGIN ", ListenStatements, " END$$"],
             #{command := do} = pgo_handler:extended_query(Conn, Query, []),
             keep_state_and_data;
@@ -120,7 +123,7 @@ connected({call, {Pid, _}=From}, {listen, Channel}, Data=#data{conn=Conn,
     case erlang:map_size(maps:get(Channel, ListenerChannels1)) of
         1 ->
             %% first time listening on this channel
-            case pgo_handler:extended_query(Conn, ["LISTEN ", Channel], []) of
+            case pgo_handler:extended_query(Conn, ["LISTEN ", escape_channel_name(Channel)], []) of
                 #{command := listen} ->
                     {keep_state, Data#data{listeners=Listeners1,
                                            listener_channels=ListenerChannels1}, [{reply, From, {ok, Ref}}]};
@@ -209,7 +212,7 @@ unlisten(Ref, Listeners, ListenerChannels, Conn) ->
             case erlang:map_size(PerChannel) of
                 0 ->
                     ListenerChannels1 =maps:remove(Channel, ListenerChannels),
-                    #{command := unlisten} = pgo_handler:extended_query(Conn, ["UNLISTEN ", Channel], []),
+                    #{command := unlisten} = pgo_handler:extended_query(Conn, ["UNLISTEN ", escape_channel_name(Channel)], []),
                     {Listeners1, ListenerChannels1};
                 _ ->
                     {Listeners1, ListenerChannels#{Channel => PerChannel}}

test/pgo_listen_SUITE.erl

@@ -5,7 +5,7 @@
 -include_lib("common_test/include/ct.hrl").
 -include_lib("stdlib/include/assert.hrl").
 
-all() -> [listen_notify, named_listen_notify].
+all() -> [listen_notify, named_listen_notify, listen_notify_special_name].
 
 init_per_suite(Config) ->
     application:ensure_all_started(pgo),
@@ -126,3 +126,24 @@ named_listen_notify(_Config) ->
     end,
 
     ok.
+
+listen_notify_special_name(_Config) ->
+    {ok, Pid} = pgo_notifications:start_link(#{database => "test",
+                                               user => "test",
+                                               password => "password"}),
+    Chan1 = <<"chan1:\"hello\"">>,
+
+    {_, Ref1} = pgo_notifications:listen(Pid, Chan1),
+
+    ?assertMatch(#{command := notify},
+                 pgo:query("NOTIFY \"chan1:\"\"hello\"\"\", 'message 1'")),
+
+    receive
+        {notification, Pid, Ref1, Chan1, Payload} ->
+            ?assertEqual(<<"message 1">>, Payload)
+    after
+        1000 ->
+            ct:fail(timeout)
+    end,
+
+    ok.