On Thu, Aug 18, 2016 at 12:21 AM, Ryan Murphy <ryanfmur...@gmail.com> wrote: > I have created a better patch (attached) that correctly escapes the shell > arguments using PQExpBufferStr and the appendShellString function, as per > Michael and Andres' suggestions. > > Further suggestions welcome of course.
As far as I know, it is perfectly possible to have LF/CR in a path name (that's bad practice btw...), and your patch would make initdb fail in such cases. Do we want to authorize that? If we bypass the error checks in appendShellString with an extra option, and have initdb use that, the generated command would be actually correct. -- Michael -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
