Re: pg_rewind copies

On 01.04.22 11:00, Daniel Gustafsson wrote:
> One small comment on the patch:
> 
> +   snprintf(srcpath, sizeof(srcpath), "%s/%s", datadir, path);
> 
> This should IMO check the returnvalue of snprintf to ensure it wasn't
> truncated.  While the risk is exceedingly small, a truncated filename might
> match another existing filename and the error not getting caught.  There is
> another instance just like this one in open_target_file() to which I think we
> should apply the same belts-and-suspenders treatment.  I've fixed this in the
> attached version which also have had a pg_indent run on top of a fresh rebase.

We use snprintf() like that countless times, and approximately none of 
them check for overflow.  So while you are right, this might not be the 
place to start a new policy.

If you don't like this approach, use psprintf() perhaps.