[pkg-bacula-devel] Bug#923511: Bug#923511: make_catalog_backup.pl doesn't sanitize $args{db_name}
Carsten Leonhardt
leo at debian.org
Sun Mar 3 17:59:06 GMT 2019
Control: tags -1 upstream
Control: forwarded -1 https://bugs.bacula.org/view.php?id=2458
Hi Sergio,
> /etc/bacula/scripts/make_catalog_backup.pl uses a temporary file with a name
> based on $args{db_name}. This fails if the database name contains / characters,
> as it well might if it is a URI like
> postgresql://host/db?sslmode=verify-full&sslrootcert=/etc/ssl/certs/host-ca.crt
I've written a patch to base the filename on the catalog name as you
suggested (although I'm not good at perl), but the script
"delete_catalog_backup" needs to be changed too.
I've submitted your bug report upstream.
Regards,
Carsten
-------------- next part --------------
A non-text attachment was scrubbed...
Name: sane-filename.patch
Type: text/x-diff
Size: 1267 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-bacula-devel/attachments/20190303/e3a9fa97/attachment.patch>
More information about the pkg-bacula-devel
mailing list