Hi David,
Thank you for the clarification. I have now read the code, and overall it looks good to me. I only had one very small comment.
You currently have:
```
memset(controlFile + sizeof(ControlFileData), 0,
PG_CONTROL_FILE_SIZE - sizeof(ControlFileData));
memcpy(controlFile, ControlFile, sizeof(ControlFileData));
```
This is correct, since only the trailing bytes need to be zeroed before the copy.
I was just wondering whether the following might be slightly clearer:
```
memset(controlFile, 0, PG_CONTROL_FILE_SIZE);
memcpy(controlFile, ControlFile, sizeof(ControlFileData));
```
I do not think this is a real issue, though.
Thanks
Haibo
On Mar 17, 2026, at 12:05 AM, David Steele <david@pgbackrest.org> wrote:
On 3/17/26 12:16, Haibo Yan wrote:
I have not read the code yet, so this may already be answered there, but I had a question about the proposal itself. This patch protects against a missing backup_label, but what about a wrong one? If a user restores a backup_label file from a different backup, the existence check alone would not detect that. Do we need some consistency check between the returned pg_control copy and the backup_label contents, or is the intended scope here limited to the “missing file” case only?
Thank you for having a look!
The goal here is only to check for a missing backup_label. The general problem is that PostgreSQL suggests that removing backup_label might be a good idea so the user does it:
If you are not restoring from a backup, try removing the file \"%s/backup_label\"
The user *could* copy a backup_label from another backup and there are ways we could detect that but I feel that should be material for a separate patch.
Regards,
-David
