Re: Patch: initdb: "'" for QUOTE_PATH (non-windows)

On Thu, Aug 18, 2016 at 11:35 AM, Ryan Murphy <ryanfmurphy@gmail.com> wrote:

Be careful of top-posting, this is not this ML style:
http://www.idallen.com/topposting.html

>> I think that's actually a good thing to forbid.
>
> I think I agree Andres, there are already comments in the appendShellString
> function to this effect - they say that CR/LF chars in a file name are
> mostly used for malicious hacking attempts anyways - I know I've hardly ever
> needed a newline in a file name.
>
> Did you see anything else in my code that you have recommendations about?  I
> made sure to free the PQExpBufferStr vars that I allocated.

+        { /* pg_ctl command w path, properly quoted */
+            PQExpBuffer pg_ctl_path = createPQExpBuffer();
+            printfPQExpBuffer(pg_ctl_path, "%s%spg_ctl",
+                bin_dir,
+                (strlen(bin_dir) > 0) ? DIR_SEP : ""
+            );
+            appendShellString(start_db_cmd, pg_ctl_path->data);
+            destroyPQExpBuffer(pg_ctl_path);
+        }

This is not really project-style to have an independent block. Usually
those are controlled by for, while or if. And you could use the same
PQExpBuffer for everything.
-- 
Michael