Improper escaping in printf calls in scripts #696

@l2dy

printf in Bash interprets its first argument as a format string, which is not safe for arbitrary strings, especially URLs which may contain percent-encoded characters:

function log_info() { printf "[${__CG} OK ${__CN}] ${__CG}$*${__CN}\n"; }
function log_warn() { printf "[${__CY}WARN${__CN}] ${__CY}$*${__CN}\n"; }
function log_error() { printf "[${__CR}FAIL${__CN}] ${__CR}$*${__CN}\n"; }
function log_debug() { printf "[${__CB}HINT${__CN}] ${__CB}$*${__CN}\n"; }
function log_input() { printf "[${__CM} IN ${__CN}] ${__CM}$*\n=> ${__CN}"; }
function log_hint() { printf "${__CB}$*${__CN}\n"; }
function log_line() { printf "${__CM}[$*] ===========================================${__CN}\n"; }

log_info " - SRC URL : ${SRCPG}"
log_info " - DST URL : ${DSTPG}"
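
The logging pattern quoted above next to a hardened form, as an added example that is not part of the original issue or the project's code. The color values, the `_unsafe`/`_safe` function names, the `logs_verbatim` helper and the sample URL are assumptions constructed for illustration; only `__CG`, `__CN` and the `log_info` body come from the page.

```shell
#!/usr/bin/env bash
# Added example (not project code). Color values are assumptions; the page
# shows only the variable names __CG and __CN.
__CG=$(printf '\033[32m')   # green
__CN=$(printf '\033[0m')    # reset

# Pattern from the issue: the message is spliced into the format string,
# so any % or backslash in it is interpreted by printf.
log_info_unsafe() { printf "[${__CG} OK ${__CN}] ${__CG}$*${__CN}\n"; }

# Hardened form: constant format string, message passed as a %s argument.
log_info_safe() {
    printf '[%s OK %s] %s%s%s\n' "$__CG" "$__CN" "$__CG" "$*" "$__CN"
}

# Constructed sample input: a URL with percent-encoded characters.
SAMPLE_URL='https://example.com/dl?file=a%20b%2Fc.tar.gz&done=100%25'

# Returns 0 if the named logger prints the message verbatim, 1 otherwise.
logs_verbatim() {
    logger=$1; msg=$2
    # printf may fail on an invalid directive; keep whatever it printed.
    out=$("$logger" "$msg" 2>/dev/null) || true
    case $out in
        *"$msg"*) return 0 ;;
        *)        return 1 ;;
    esac
}

demo() {
    for fn in log_info_unsafe log_info_safe; do
        if logs_verbatim "$fn" " - SRC URL : ${SAMPLE_URL}"; then
            echo "$fn: message preserved"
        else
            echo "$fn: message altered by format-string interpretation"
        fi
    done
}
demo
```

ShellCheck reports the unsafe pattern as SC2059 (variables in the printf format string), which makes it easy to catch in CI.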
