Re: [HACKERS] CVE-2016-1238 fix breaks (at least) pg_rewind tests

2016-10-07 Thread Heikki Linnakangas
On 09/12/2016 11:08 AM, Michael Paquier wrote: On Fri, Sep 9, 2016 at 6:49 AM, Andres Freund wrote: On 2016-09-08 18:13:06 -0300, Alvaro Herrera wrote: I can't vouch for the windows stuff, and the invocations indeed look vulnerable. I'm not sure if the fix actually matters

Re: [HACKERS] CVE-2016-1238 fix breaks (at least) pg_rewind tests

2016-09-13 Thread Michael Paquier
On Fri, Sep 9, 2016 at 1:25 PM, Tom Lane wrote: > Andres Freund writes: >> On 2016-09-08 20:15:46 -0400, Peter Eisentraut wrote: >>> We don't support build directories with spaces in them, but we support >>> installation directories with spaces in them.

Re: [HACKERS] CVE-2016-1238 fix breaks (at least) pg_rewind tests

2016-09-12 Thread Michael Paquier
On Fri, Sep 9, 2016 at 6:49 AM, Andres Freund wrote: > On 2016-09-08 18:13:06 -0300, Alvaro Herrera wrote: >> > I can't vouch for the windows stuff, and >> > the invocations indeed look vulnerable. I'm not sure if the fix actually >> > matters on windows, given . is the

Re: [HACKERS] CVE-2016-1238 fix breaks (at least) pg_rewind tests

2016-09-08 Thread Tom Lane
Andres Freund writes: > On 2016-09-08 20:15:46 -0400, Peter Eisentraut wrote: >> We don't support build directories with spaces in them, but we support >> installation directories with spaces in them. So I guess that means >> your point is valid. > Even if not necessary in

Re: [HACKERS] CVE-2016-1238 fix breaks (at least) pg_rewind tests

2016-09-08 Thread Andres Freund
On 2016-09-08 20:15:46 -0400, Peter Eisentraut wrote: > On 9/8/16 6:04 PM, Alvaro Herrera wrote: > > Andres Freund wrote: > >> On 2016-09-08 18:13:06 -0300, Alvaro Herrera wrote: > >>> I suppose -I$(srcdir) should be fine. (Why the quotes?) > >> > >> Because quoting correctly seems like a good

Re: [HACKERS] CVE-2016-1238 fix breaks (at least) pg_rewind tests

2016-09-08 Thread Peter Eisentraut
On 9/8/16 6:04 PM, Alvaro Herrera wrote: > Andres Freund wrote: >> On 2016-09-08 18:13:06 -0300, Alvaro Herrera wrote: >>> I suppose -I$(srcdir) should be fine. (Why the quotes?) >> >> Because quoting correctly seems like a good thing to do? Most people >> won't have whitespace in there, but it

Re: [HACKERS] CVE-2016-1238 fix breaks (at least) pg_rewind tests

2016-09-08 Thread Alvaro Herrera
Andres Freund wrote: > On 2016-09-08 18:13:06 -0300, Alvaro Herrera wrote: > > I suppose -I$(srcdir) should be fine. (Why the quotes?) > > Because quoting correctly seems like a good thing to do? Most people > won't have whitespace in there, but it doesn't seem impossible? Well, I think they

Re: [HACKERS] CVE-2016-1238 fix breaks (at least) pg_rewind tests

2016-09-08 Thread Andres Freund
On 2016-09-08 18:13:06 -0300, Alvaro Herrera wrote: > I suppose -I$(srcdir) should be fine. (Why the quotes?) Because quoting correctly seems like a good thing to do? Most people won't have whitespace in there, but it doesn't seem impossible? > > check-world appears to mostly run (still doing

Re: [HACKERS] CVE-2016-1238 fix breaks (at least) pg_rewind tests

2016-09-08 Thread Alvaro Herrera
Andres Freund wrote: > On 2016-09-08 17:58:03 -0300, Alvaro Herrera wrote: > > Andres Freund wrote: > > > > > ISTM that the easiest fix is to just tack -I '$(srcdir)' into the prove > > > flags like: > > > PROVE = @PROVE@ > > > PG_PROVE_FLAGS = -I $(top_srcdir)/src/test/perl/ -I '$(srcdir)' > >

Re: [HACKERS] CVE-2016-1238 fix breaks (at least) pg_rewind tests

2016-09-08 Thread Andres Freund
On 2016-09-08 17:58:03 -0300, Alvaro Herrera wrote: > Andres Freund wrote: > > > ISTM that the easiest fix is to just tack -I '$(srcdir)' into the prove > > flags like: > > PROVE = @PROVE@ > > PG_PROVE_FLAGS = -I $(top_srcdir)/src/test/perl/ -I '$(srcdir)' > > PROVE_FLAGS = --verbose > > > > I

Re: [HACKERS] CVE-2016-1238 fix breaks (at least) pg_rewind tests

2016-09-08 Thread Alvaro Herrera
Andres Freund wrote: > ISTM that the easiest fix is to just tack -I '$(srcdir)' into the prove > flags like: > PROVE = @PROVE@ > PG_PROVE_FLAGS = -I $(top_srcdir)/src/test/perl/ -I '$(srcdir)' > PROVE_FLAGS = --verbose > > I don't think there's any security concerns for us here. Maybe not, but

[HACKERS] CVE-2016-1238 fix breaks (at least) pg_rewind tests

2016-09-08 Thread Andres Freund
Hi, On Debian unstable I just got a failure when running the regression tests: andres@alap4:~/build/postgres/dev-assert/vpath/src/bin/pg_rewind$ make check rm -rf '/home/andres/build/postgres/dev-assert/vpath'/tmp_install /bin/mkdir -p