From af6c1a24cff5b8e96d88f5bba0c7393af782c7e3 Mon Sep 17 00:00:00 2001
From: Akshay Joshi <akshay.joshi@enterprisedb.com>
Date: Tue, 1 Apr 2025 16:33:50 +0530
Subject: [PATCH] 1) Upgraded Gunicorn to version 23.0.0 to address a security
 vulnerability present in Gunicorn. 2) Resolved an issue where an empty PSQL
 panel would open if the psql utility was not found in the binary path.

---
 Dockerfile                         |  2 +-
 web/pgadmin/tools/psql/__init__.py | 13 +++++++------
 2 files changed, 8 insertions(+), 7 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index a7df83a8a..aa135edcd 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -208,7 +208,7 @@ RUN apk add --no-cache \
         libedit \
         libldap \
         libcap && \
-    /venv/bin/python3 -m pip install --no-cache-dir gunicorn==22.0.0 && \
+    /venv/bin/python3 -m pip install --no-cache-dir gunicorn==23.0.0 && \
     find / -type d -name '__pycache__' -exec rm -rf {} + && \
     useradd -r -u 5050 -g root -s /sbin/nologin pgadmin && \
     mkdir -p /run/pgadmin /var/lib/pgadmin && \
diff --git a/web/pgadmin/tools/psql/__init__.py b/web/pgadmin/tools/psql/__init__.py
index d15d4a596..a7abdfd88 100644
--- a/web/pgadmin/tools/psql/__init__.py
+++ b/web/pgadmin/tools/psql/__init__.py
@@ -271,7 +271,7 @@ def non_windows_platform(parent, p, fd, data, max_read_bytes, sid):
                                                    timeout)
 
                 read_terminal_data(parent, data_ready, max_read_bytes, sid)
-            except OSError as e:
+            except OSError:
                 # If the process is killed, bad file descriptor exception may
                 # occur. Handle it gracefully
                 pass
@@ -311,14 +311,15 @@ def start_process(data):
 
             _, manager = _get_connection(int(data['sid']), data)
             psql_utility = manager.utility('sql')
-            if psql_utility is None:
+            if psql_utility is None or not os.path.exists(psql_utility):
                 sio.emit('pty-output',
                          {
                              'result': gettext(
-                                 'PSQL utility not found. Specify the binary '
-                                 'path in the preferences for the appropriate '
-                                 'server version, or select "Set as default" '
-                                 'to use an existing binary path.'),
+                                 'PSQL utility not found. Specify the valid '
+                                 'binary path in the preferences for the '
+                                 'appropriate server version, or select '
+                                 '"Set as default" to use an existing binary '
+                                 'path.'),
                              'error': True},
                          namespace='/pty', room=request.sid)
                 return