From f4ab3148f175f8ac415b01fea61d14a80f4de969 Mon Sep 17 00:00:00 2001
From: intrigeri <intrigeri@boum.org>
Date: Fri, 25 Dec 2009 02:33:13 +0100
Subject: [PATCH] mysql, pgsql: Quote output filenames

... to support shell meta-characters in database names.
Closes Redmine bug #617.
---
 ChangeLog         |  4 ++++
 NEWS              |  9 +++++++++
 handlers/mysql.in |  8 ++++----
 handlers/pgsql.in | 16 ++++++++--------
 4 files changed, 25 insertions(+), 12 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 9a6ccaa..97d4353 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -26,8 +26,12 @@ version 0.9.7 -- UNRELEASED
 	 . Fix the error message displayed when mysqld is not running:
 	   mysqladmin ping indeed returns 0 when authentication fails.
 	 . Use gzip's --rsyncable option.
+	 . Quote output filenames to support shell meta-characters in
+	   database names.
 	pgsql:
 	 . Use gzip's --rsyncable option.
+	 . Quote output filenames to support shell meta-characters in
+	   database names.
 	sys:
 	 . New luksheaders option (default=disabled) to backup the Luks header
 	   of every Luks device.
diff --git a/NEWS b/NEWS
index 361cf3c..ef8592e 100644
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,12 @@
+backupninja (0.9.7-1) UNRELEASED
+
+	* mysql: output filenames to support shell meta-characters in
+	  database names. This change was not heavily tested, please
+	  report any breakage.
+	* pgsql: output filenames to support shell meta-characters in
+	  database names. This change was not heavily tested, please
+	  report any breakage.
+
 backupninja (0.9.4-1) UNRELEASED
 
 	* duplicity: Old (pre-0.9.4) example.dup file used to give false
diff --git a/handlers/mysql.in b/handlers/mysql.in
index e1e89b0..0aa3abb 100644
--- a/handlers/mysql.in
+++ b/handlers/mysql.in
@@ -272,9 +272,9 @@ then
             fatal "mysqld doesn't appear to be running!"
          fi
          if [ "$compress" == "yes" ]; then
-            execstr="$VSERVER $vsname exec $DUMP | $GZIP --rsyncable > $vroot$dumpdir/${db}.sql.gz"
+            execstr="$VSERVER $vsname exec $DUMP | $GZIP --rsyncable > '$vroot$dumpdir/${db}.sql.gz'"
          else
-            execstr="$VSERVER $vsname exec $DUMP -r $vroot$dumpdir/${db}.sql"
+            execstr="$VSERVER $vsname exec $DUMP -r '$vroot$dumpdir/${db}.sql'"
          fi
       else
          # Test to make sure mysqld is running, if it is not sqldump will not work
@@ -283,9 +283,9 @@ then
             fatal "mysqld doesn't appear to be running!"
          fi
          if [ "$compress" == "yes" ]; then
-            execstr="$DUMP | $GZIP --rsyncable > $dumpdir/${db}.sql.gz"
+            execstr="$DUMP | $GZIP --rsyncable > '$dumpdir/${db}.sql.gz'"
          else
-            execstr="$DUMP -r $dumpdir/${db}.sql"
+            execstr="$DUMP -r '$dumpdir/${db}.sql'"
          fi
       fi
       debug "su $user -c \"$execstr\""
diff --git a/handlers/pgsql.in b/handlers/pgsql.in
index a7e3ec2..d7839fb 100644
--- a/handlers/pgsql.in
+++ b/handlers/pgsql.in
@@ -75,15 +75,15 @@ chmod 700 $vroot$backupdir
 if [ "$databases" == "all" ]; then
    if [ $usevserver = yes ]; then
       if [ "$compress" == "yes" ]; then
-         execstr="$VSERVER $vsname exec su - $PGSQLUSER -c \"$PGSQLDUMPALL | $GZIP --rsyncable > $backupdir/${vsname}.sql.gz\""
+         execstr="$VSERVER $vsname exec su - $PGSQLUSER -c \"$PGSQLDUMPALL | $GZIP --rsyncable > '$backupdir/${vsname}.sql.gz'\""
       else
-         execstr="$VSERVER $vsname exec su - $PGSQLUSER -c \"$PGSQLDUMPALL > $backupdir/${vsname}.sql\""
+         execstr="$VSERVER $vsname exec su - $PGSQLUSER -c \"$PGSQLDUMPALL > '$backupdir/${vsname}.sql'\""
       fi
    else
       if [ "$compress" == "yes" ]; then
-         execstr="su - $PGSQLUSER -c \"$PGSQLDUMPALL | $GZIP --rsyncable > $backupdir/${localhost}-all.sql.gz\""
+         execstr="su - $PGSQLUSER -c \"$PGSQLDUMPALL | $GZIP --rsyncable > '$backupdir/${localhost}-all.sql.gz'\""
       else
-         execstr="su - $PGSQLUSER -c \"$PGSQLDUMPALL > $backupdir/${localhost}-all.sql\""
+         execstr="su - $PGSQLUSER -c \"$PGSQLDUMPALL > '$backupdir/${localhost}-all.sql'\""
       fi
    fi
    debug "$execstr"
@@ -104,15 +104,15 @@ else
    for db in $databases; do
       if [ $usevserver = yes ]; then
          if [ "$compress" == "yes" ]; then
-            execstr="$VSERVER $vsname exec su - $PGSQLUSER -c \"$PGSQLDUMP $db | $GZIP --rsyncable > $backupdir/${db}.sql.gz\""
+            execstr="$VSERVER $vsname exec su - $PGSQLUSER -c \"$PGSQLDUMP $db | $GZIP --rsyncable > '$backupdir/${db}.sql.gz'\""
          else
-            execstr="$VSERVER $vsname exec su - $PGSQLUSER -c \"$PGSQLDUMP $db | > $backupdir/${db}.sql\""
+            execstr="$VSERVER $vsname exec su - $PGSQLUSER -c \"$PGSQLDUMP $db | > '$backupdir/${db}.sql'\""
          fi
       else
          if [ "$compress" == "yes" ]; then
-            execstr="su - $PGSQLUSER -c \"$PGSQLDUMP $db | $GZIP --rsyncable > $backupdir/${db}.sql.gz\""
+            execstr="su - $PGSQLUSER -c \"$PGSQLDUMP $db | $GZIP --rsyncable > '$backupdir/${db}.sql.gz'\""
          else
-            execstr="su - $PGSQLUSER -c \"$PGSQLDUMP $db > $backupdir/${db}.sql\""
+            execstr="su - $PGSQLUSER -c \"$PGSQLDUMP $db > '$backupdir/${db}.sql'\""
          fi
       fi
       debug "$execstr"
-- 
GitLab