[pkg-bacula-devel] Bug#923511: Bug#923511: make_catalog_backup.pl doesn't sanitize $args{db_name}

Carsten Leonhardt leo at debian.org
Sun Mar 3 17:59:06 GMT 2019

Control: tags -1 upstream
Control: forwarded -1 https://bugs.bacula.org/view.php?id=2458

Hi Sergio,

> /etc/bacula/scripts/make_catalog_backup.pl uses a temporary file with a name
> based on $args{db_name}. This fails if the database name contains / characters,
> as it well might if it is a URI like
> postgresql://host/db?sslmode=verify-full&sslrootcert=/etc/ssl/certs/host-ca.crt

I've written a patch to base the filename on the catalog name as you
suggested (although I'm not good at perl), but the script
"delete_catalog_backup" needs to be changed too.

I've submitted your bug report upstream.



-------------- next part --------------
A non-text attachment was scrubbed...
Name: sane-filename.patch
Type: text/x-diff
Size: 1267 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-bacula-devel/attachments/20190303/e3a9fa97/attachment.patch>

More information about the pkg-bacula-devel mailing list