Hi Raffaello,
My mistake, the problem with empty args was fixed in 17 as well as some
of the problems with
escaping of double-quotes. The default legacy mode does not check for
unbalanced quotes
possible merging of arguments. The simplest case are for .exe
execution, in which the
argument parsing by applications allows a more reliable encoding.
The command parsing by cmd.exe is less flexible and has more issues.
Setting the system property
jdk.lang.Process.allowAmbiguousCommands=false applies some
additional checks. But it is not the default. It is a goal to reduce the
number
of modes and simplify the code in the Windows ProcessImpl.
I'm all in favor of solving the problem on Windows, suggestions welcome.
But also a consideration is not breaking (too many) existing applications.
Thanks, Roger
On 1/28/22 2:14 PM, Raffaello Giulietti wrote:
Hi Roger,
I'm trying the following (ugly) code on JDK 17/Win, where Args.exe
does nothing else than writing out its argv[], redirecting to a log file.
public static void main(String[] args) throws IOException,
InterruptedException {
String[] command = {
"C:\\Users\\alpha\\Args.exe",
"",
"a",
"",
"b",
"",
};
var processBuilder = new ProcessBuilder(command);
processBuilder.redirectOutput(new
File("C:\\Users\\alpha\\my.log"));
var process = processBuilder.start();
Thread.sleep(2_000);
System.out.println("process.exitValue() = " +
process.exitValue());
}
Here's the log file
argv[0] = [C:\Users\alpha\Args.exe]
argv[1] = []
argv[2] = [a]
argv[3] = []
argv[4] = [b]
argv[5] = []
so empty args seem to work correctly, at least in this plain example.
Have you specific examples that behave incorrectly?
I'm asking because I'd like to setup a simple set of rules to solve
the issue on Windows altogether.
On 2022-01-28 16:48, Roger Riggs wrote:
Hi Raffaello,
For .exe executables, one example is an empty string in the list of
arguments to ProcessBuilder.
The empty string is not visible in the generated command line. For
position sensitive commands, it appears the argument is dropped.
An argument in ProcessBuilder with mismatched quotes can cause the
argument to be joined with the next in the generated command line.
A stray "\" at the end of an argument can cause the following
character to be quoted, possibly joining the argument with the next.
For .cmd executables, cmd.exe interprets more characters as argument
separators and will split arguments.
For example, an argument with a semi-colon or comma, (unquoted) will
be split into two arguments when parsed by cmd.exe.
The goal is to improve the integrity and robustness of the command
encoding.
Thanks, Roger
On 1/28/22 4:07 AM, Raffaello Giulietti wrote:
Hello,
if I understand correctly, the issue addressed here (on Windows) is
how to assemble a single command string from an array of argument
strings to pass to CreateProcess() in a way that the individual
argument strings can be fully recovered in the invoked program.
Similarly when the command string is passed to an instance of cmd.exe.
Are there known (non security critical) examples that do not work
correctly JDK 18 or earlier?
Greetings
Raffaello
On 2022-01-20 19:05, Roger Riggs wrote:
A JEP to Improve safety of process launch by ProcessBuilder and
Runtime.exec on Windows[1].
Argument encoding errors have been problematic on Windows systems
due to
improperly quoted command arguments.
The idea is to tighten up quoting and encoding of command line
arguments.
Comments appreciated, Roger
[1] https://bugs.openjdk.java.net/browse/JDK-8263697
