Bug #49446 [Csd->Asn]: escapeshellarg dosn`t work on windows

pajoye Thu, 03 Mar 2011 01:54:41 -0800

Edit report at http://bugs.php.net/bug.php?id=49446&edit=1


 ID:                 49446
 Updated by:         paj...@php.net
 Reported by:        heromantor at users dot sourceforge dot net
 Summary:            escapeshellarg dosn`t work on windows
-Status:             Closed
+Status:             Assigned
 Type:               Bug
 Package:            CGI related
 Operating System:   windows xp sp2
 PHP Version:        5.2.10
-Assigned To:        
+Assigned To:        pajoye
 Block user comment: N
 Private report:     N

 New Comment:

Something is wrong with this patch, and we should try to use ^ in trunk.


Previous Comments:
------------------------------------------------------------------------
[2009-09-11 01:00:00] php-bugs at lists dot php dot net

No feedback was provided for this bug for over a week, so it is
being suspended automatically. If you are able to provide the
information that was originally requested, please do so and change
the status of the bug back to "Open".

------------------------------------------------------------------------
[2009-09-03 04:16:48] scott...@php.net

This was fixed in 5.3 with bug #43261



Though \\ within double quotes is considered a single \

------------------------------------------------------------------------
[2009-09-02 23:51:40] heromantor at users dot sourceforge dot net

oh sorry, i post invalid patch.



this ok:

--- exec.c  Wed Sep  2 23:44:19 2009

+++ exec_fixed.c    Wed Sep  2 23:44:41 2009

@@ -343,7 +343,7 @@

  */

 PHPAPI char *php_escape_shell_arg(char *str)

 {

-    int x, y = 0, l = strlen(str);

+    int x, y = 0, j, l = strlen(str);

     char *cmd;

     size_t estimate = (4 * l) + 3;

 

@@ -352,6 +352,11 @@

     cmd = safe_emalloc(4, l, 3); /* worst case */

 

 #ifdef PHP_WIN32

+#   define PHP_ESCAPE_SHELL_ARG_PROCESS_TRAILING_SLASHES() \

+        for(j = y - 1; j > 0 && cmd[j] == '\\'; --j) { \

+            cmd[y++] = '\\'; \

+        }

+

     cmd[y++] = '"';

 #else

     cmd[y++] = '\'';

@@ -372,10 +377,16 @@

 

         switch (str[x]) {

 #ifdef PHP_WIN32

-        case '"':

-        case '%':

-            cmd[y++] = ' ';

-            break;

+        case '%':

+            PHP_ESCAPE_SHELL_ARG_PROCESS_TRAILING_SLASHES()

+            cmd[y++] = '"';

+            cmd[y++] = '%';

+            cmd[y++] = '"';

+            break;

+        case '"':

+            PHP_ESCAPE_SHELL_ARG_PROCESS_TRAILING_SLASHES()

+            cmd[y++] = '"';

+            /* fall-through */

 #else

         case '\'':

             cmd[y++] = '\'';

@@ -388,6 +399,9 @@

         }

     }

 #ifdef PHP_WIN32

+    PHP_ESCAPE_SHELL_ARG_PROCESS_TRAILING_SLASHES()

+#   undef PHP_ESCAPE_SHELL_ARG_PROCESS_TRAILING_SLASHES

+

     cmd[y++] = '"';

 #else

     cmd[y++] = '\'';

------------------------------------------------------------------------
[2009-09-02 23:10:52] heromantor at users dot sourceforge dot net

Description:
------------
escapeshellarg function dosn`t work properly on windows platform.
Problem in " \ and % chars handling.



this patch fix this problem

--- exec.c  Wed Sep  2 22:41:27 2009

+++ exec_fixed.c    Wed Sep  2 22:40:50 2009

@@ -352,6 +352,11 @@

    cmd = safe_emalloc(4, l, 3); /* worst case */

 

 #ifdef PHP_WIN32

+#   define PHP_ESCAPE_SHELL_ARG_PROCESS_TRAILING_SLASHES() \

+        for(j = y - 1; j > 0 && cmd[j] == '\\'; --j) { \

+            cmd[y++] = '\\'; \

+        }

+

    cmd[y++] = '"';

 #else

    cmd[y++] = '\'';

@@ -372,10 +377,16 @@

 

        switch (str[x]) {

 #ifdef PHP_WIN32

-       case '"':

-       case '%':

-           cmd[y++] = ' ';

-           break;

+        case '%':

+            PHP_ESCAPE_SHELL_ARG_PROCESS_TRAILING_SLASHES()

+            cmd[y++] = '"';

+            cmd[y++] = '%';

+            cmd[y++] = '"';

+            break;

+        case '"':

+            PHP_ESCAPE_SHELL_ARG_PROCESS_TRAILING_SLASHES()

+            cmd[y++] = '"';

+            /* fall-through */

 #else

        case '\'':

            cmd[y++] = '\'';

@@ -388,6 +399,9 @@

        }

    }

 #ifdef PHP_WIN32

+    PHP_ESCAPE_SHELL_ARG_PROCESS_TRAILING_SLASHES()

+#   undef PHP_ESCAPE_SHELL_ARG_PROCESS_TRAILING_SLASHES

+

    cmd[y++] = '"';

 #else

    cmd[y++] = '\'';



and some test cases

P A T H => "P A T H"

%PATH% => ""%"PATH"%""

a%PATH%b => "a"%"PATH"%"b"

%%PATH%% => ""%""%"PATH"%""%""

"PATH" => """PATH"""

"%PATH%" => """"%"PATH"%""""

\P\A\T\H => "\P\A\T\H"

\P\A\T\H\ => "\P\A\T\H\\"

\%\%\ => "\\"%"\\"%"\\"

a\\%b\\c%\\ => "a\\\\"%"b\\c"%"\\\\"

"a\" => """a\\"""

a\" => "a\\"""

a\"^|^&^(^) => "a\\""^|^&^(^)"

PATH\%\ => "PATH\\"%"\\"



Reproduce code:
---------------
<?php

print_r(escapeshellarg("%PATH%") . PHP_EOL);

print_r(escapeshellarg("c:\\temp\\") . PHP_EOL);

print_r(escapeshellarg('\\"') . PHP_EOL);



Expected result:
----------------
""%"PATH"%""

"c:\temp\\"

"\\"""



Actual result:
--------------
" PATH "

"c:\temp\"

"\ "




------------------------------------------------------------------------



-- 
Edit this bug report at http://bugs.php.net/bug.php?id=49446&edit=1

Bug #49446 [Csd->Asn]: escapeshellarg dosn`t work on windows

Reply via email to