On 3/23/21 2:59 PM, Tom Lane wrote:
> Jan Wieck <jan@wi3ck.info> writes:
>> On 3/23/21 2:35 PM, Tom Lane wrote:
>>> If you're passing multiple options, that is
>>> --pg-dump-options "--foo=x --bar=y"
>>> it seems just horribly fragile. Lose the double quotes and suddenly
>>> --bar is a separate option to pg_upgrade itself, not part of the argument
>>> for the previous option. That's pretty easy to do when passing things
>>> through shell scripts, too.
>
>> ... which would be all really easy if pg_upgrade wouldn't be assembling
>> a shell script string to pass into parallel_exec_prog() by itself.
>
> No, what I was worried about is shell script(s) that invoke pg_upgrade
> and have to pass down some of these options through multiple levels of
> option parsing.
The problem here is that pg_upgrade itself is invoking a shell again. It
is not assembling an array of arguments to pass into exec*(). I'd be a
happy camper if it did the latter. But as things are we'd have to add
full shell escapeing for arbitrary strings.
>
> BTW, it doesn't seem like the "pg-" prefix has any value-add here,
> so maybe "--dump-option" and "--restore-option" would be suitable
> spellings.
Agreed.
Regards, Jan
--
Jan Wieck
Principle Database Engineer
Amazon Web Services
