Description: Fix code injection via unsafe database names inside eval
Author: Axel Beckert <abe@debian.org>
Bug-Debian: http://bugs.debian.org/706095
Last-Update: 2013-04-24
--- a/autopostgresqlbackup
+++ b/autopostgresqlbackup
@@ -299,7 +299,7 @@
then
mkdir -p "$BACKUPDIR/latest"
fi
-eval rm -f "$BACKUPDIR/latest/*"
+rm -f "$BACKUPDIR"/latest/*
fi
# IO redirection for logging.
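Review bot: The new `rm -f "$BACKUPDIR"/latest/*` expands to `/latest/*` when BACKUPDIR is empty or unset, and nothing visible in this hunk rules that out. Writing it as `rm -f -- "${BACKUPDIR:?}"/latest/*` makes the script abort instead of deleting relative to the filesystem root, and the same guard would fit the other rm lines in this patch. The enclosing `if` starts outside the hunk, so an earlier check may already cover this.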
@@ -356,7 +356,7 @@
echo ======================================================================
echo "Prebackup command output."
echo
- eval $PREBACKUP
+ $PREBACKUP
echo
echo ======================================================================
echo
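Review bot: Dropping `eval` in front of `$PREBACKUP` narrows what the setting can hold: the unquoted expansion is only word-split and glob-expanded, so a value that uses quotes, pipes, redirections or `&&` no longer runs as written (the same applies to `$POSTBACKUP` in the @@ -538 hunk). The value appears to come from the administrator's configuration rather than from database names, so it was presumably not the injection path named in the description. Either document the restriction next to the setting, e.g. `# PREBACKUP must be a single command with whitespace-separated arguments; shell syntax is not interpreted`, or, if the value is only ever set by the administrator, run it as `sh -c "$PREBACKUP"` so existing configurations keep working.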
@@ -457,7 +457,7 @@
else
REMW=`expr $W - 5`
fi
- eval rm -fv "$BACKUPDIR/weekly/$DB/${DB}_week.$REMW.*"
+ rm -fv "$BACKUPDIR/weekly/$DB/${DB}_week.$REMW".*
echo
dbdump "$DB" "$BACKUPDIR/weekly/$DB/${DB}_week.$W.$DATE.sql"
compression "$BACKUPDIR/weekly/$DB/${DB}_week.$W.$DATE.sql"
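Review bot: `$DB` is no longer shell-evaluated, but it is still used unchecked as a path component in `"$BACKUPDIR/weekly/$DB/${DB}_week.$REMW".*` and in the dbdump/compression targets below it, so a database name containing `/` or starting with `..` resolves outside the per-database directory (same pattern in the daily branch, @@ -468 hunk). A check before the rotation, such as `case "$DB" in */*|.*) echo "skipping unsafe database name" >&2; continue;; esac`, would close that. Whether `continue` is the right way out depends on the enclosing loop, which lies outside the hunk.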
@@ -468,7 +468,7 @@
else
echo Daily Backup of Database \( $DB \)
echo Rotating last weeks Backup...
- eval rm -fv "$BACKUPDIR/daily/$DB/*.$DOW.sql.*"
+ rm -fv "$BACKUPDIR/daily/$DB"/*."$DOW".sql.*
echo
dbdump "$DB" "$BACKUPDIR/daily/$DB/${DB}_$DATE.$DOW.sql"
compression "$BACKUPDIR/daily/$DB/${DB}_$DATE.$DOW.sql"
@@ -504,7 +504,7 @@
else
REMW=`expr $W - 5`
fi
- eval rm -fv "$BACKUPDIR/weekly/week.$REMW.*"
+ rm -fv "$BACKUPDIR/weekly/week.$REMW".*
echo
dbdump "$DBNAMES" "$BACKUPDIR/weekly/week.$W.$DATE.sql"
compression "$BACKUPDIR/weekly/week.$W.$DATE.sql"
@@ -516,7 +516,7 @@
echo Daily Backup of Databases \( $DBNAMES \)
echo
echo Rotating last weeks Backup...
- eval rm -fv "$BACKUPDIR/daily/*.$DOW.sql.*"
+ rm -fv "$BACKUPDIR"/daily/*."$DOW".sql.*
echo
dbdump "$DBNAMES" "$BACKUPDIR/daily/$DATE.$DOW.sql"
compression "$BACKUPDIR/daily/$DATE.$DOW.sql"
@@ -538,7 +538,7 @@
echo ======================================================================
echo "Postbackup command output."
echo
- eval $POSTBACKUP
+ $POSTBACKUP
echo
echo ======================================================================
fi
@@ -600,7 +600,7 @@
fi
# Clean up Logfile
-eval rm -f "$LOGFILE"
-eval rm -f "$LOGERR"
+rm -f "$LOGFILE"
+rm -f "$LOGERR"
exit $STATUS