author | Christoph M. Becker <cmbecker69@gmx.de> | 2020-01-21 10:05:33 +0100 |
---|---|---|
committer | Christoph M. Becker <cmbecker69@gmx.de> | 2020-02-17 23:17:17 +0100 |
commit | 9ca449e0a803cb9d1d40fd6b83f2da1e6a7b46d9 (patch) | |
tree | e7df197ed005e3c5cbf9a2dd44b40a08604bb576 /TSRM | |
parent | 72737b066007fa22dd341f0df9092c18f6e5a15c (diff) | |
download | php-git-9ca449e0a803cb9d1d40fd6b83f2da1e6a7b46d9.tar.gz |
Make quoting of cmd execution functions consistent
While the `$command` passed to `proc_open()` had to be wrapped in
double-quotes manually, that was implicitly done for all other
program execution functions. This could easily introduce bugs and
even security issues when switching from one to another program
execution function.
Furthermore we ensure that the additional quotes are always
unwrapped regardless of what is passed as `$command` by passing
the `/s` flag to cmd.exe. As it was, `shell_exec('path with
spaces/program.exe')` did execute program.exe, but adding an
argument (`shell_exec('path with spaces/program.exe -h')`) failed
to execute program.exe, because cmd.exe stripped the additional
quotes.
While these changes obviously can cause BC breaks, we feel that in
the long run the benefits of having consistent behavior for all
program execution functions outweigh the drawbacks of potentially
breaking some code now.
Diffstat (limited to 'TSRM')
-rw-r--r-- | TSRM/tsrm_win32.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/TSRM/tsrm_win32.c b/TSRM/tsrm_win32.c index 5287bd23d6..45cfbba7e5 100644 --- a/TSRM/tsrm_win32.c +++ b/TSRM/tsrm_win32.c @@ -478,12 +478,12 @@ TSRM_API FILE *popen_ex(const char *command, const char *type, const char *cwd, return NULL; } - cmd = (char*)malloc(strlen(command)+strlen(TWG(comspec))+sizeof(" /c ")+2); + cmd = (char*)malloc(strlen(command)+strlen(TWG(comspec))+sizeof(" /s /c ")+2); if (!cmd) { return NULL; } - sprintf(cmd, "%s /c \"%s\"", TWG(comspec), command); + sprintf(cmd, "%s /s /c \"%s\"", TWG(comspec), command); cmdw = php_win32_cp_any_to_w(cmd); if (!cmdw) { free(cmd); |
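Review bot: In popen_ex() the malloc() size and the sprintf() format each spell out the " /s /c " literal separately, so the two have to be edited in lockstep, as this patch does; a later change to only one of them would turn the unbounded sprintf() into a heap overflow. Consider computing the length once and passing it to snprintf(), or sharing the literal through a single macro used in both places. A short comment above the sprintf() saying why /s is passed (so that cmd.exe always strips exactly the outer quotes added here, as the commit message describes) would help, since that is not evident from the code alone. Note also that command is still copied between the quotes unescaped, so callers remain responsible for quoting any arguments they build into it.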