Commit 22e875f7 authored by Vasily Galkin

gspawn, win32: quoted args - escape end backslash

According to the MSDN documentation, the trailing backslash(es) of a quoted
argument in a win32 command line need to be escaped, since they directly
precede the closing quote in the resulting string:
https://docs.microsoft.com/en-us/cpp/c-language/parsing-c-command-line-arguments

GLib <= 2.58.0 passed child arguments like C:\Program Files\
without escaping the trailing backslash(es).
So such an argument was passed as "C:\Program Files\", and
Windows command-line parsing treated the final \" as an escaped quote,
so the text that followed was treated as a continuation of the same argument
instead of as separate arguments.

The existing implementation wasn't easily adaptable to fix this problem,
so the escaping logic was rewritten.
Since the resulting length needs to grow to account for the extra escaping,
the length calculation was rewritten too. The calculated length now assumes
that all escapable characters will be escaped in the resulting string,
so it may be a bit larger than actually needed,
since backslashes not preceding quotes are not escaped.

This fixes the glib/tests/spawn-singlethread.c test
(which introduced testing of special characters to make this problem
testable).
The problem itself was found while investigating a fix for the
related issue #1566.

The logic is duplicated in the protect_argv_string() and protect_wargv() functions.
However, there is no single obvious way to get rid of the duplication; see
!419 (comment 371483).

So for now, a note referencing protect_wargv() is added to protect_argv_string();
the other direction is already referenced.
parent f7f597c8
...@@ -92,22 +92,17 @@ protect_wargv (gint argc, ...@@ -92,22 +92,17 @@ protect_wargv (gint argc,
wchar_t *p = wargv[i]; wchar_t *p = wargv[i];
wchar_t *q; wchar_t *q;
gint len = 0; gint len = 0;
gint pre_bslash = 0;
gboolean need_dblquotes = FALSE; gboolean need_dblquotes = FALSE;
while (*p) while (*p)
{ {
if (*p == ' ' || *p == '\t') if (*p == ' ' || *p == '\t')
need_dblquotes = TRUE; need_dblquotes = TRUE;
else if (*p == '"') /* estimate max len, assuming that all escapable chracters will be escaped */
len++; if (*p == '"' || *p == '\\')
else if (*p == '\\') len += 2;
{ else
wchar_t *pp = p; len += 1;
while (*pp && *pp == '\\')
pp++;
if (*pp == '"')
len++;
}
len++;
p++; p++;
} }
...@@ -117,24 +112,40 @@ protect_wargv (gint argc, ...@@ -117,24 +112,40 @@ protect_wargv (gint argc,
if (need_dblquotes) if (need_dblquotes)
*q++ = '"'; *q++ = '"';
/* Only quotes and backslashes preceeding quotes are escaped:
* see "Parsing C Command-Line Arguments" at
* https://docs.microsoft.com/en-us/cpp/c-language/parsing-c-command-line-arguments
*/
while (*p) while (*p)
{ {
if (*p == '"') if (*p == '"')
*q++ = '\\';
else if (*p == '\\')
{ {
wchar_t *pp = p; /* Add backslash for escaping quote itself */
while (*pp && *pp == '\\') *q++ = '\\';
pp++; /* Add backslash for every preceeding backslash for escaping it */
if (*pp == '"') for (;pre_bslash > 0; --pre_bslash)
*q++ = '\\'; *q++ = '\\';
} }
/* Count length of continuous sequence of preceeding backslashes. */
if (*p == '\\')
++pre_bslash;
else
pre_bslash = 0;
*q++ = *p; *q++ = *p;
p++; p++;
} }
if (need_dblquotes) if (need_dblquotes)
*q++ = '"'; {
/* Add backslash for every preceeding backslash for escaping it,
* do NOT escape quote itself.
*/
for (;pre_bslash > 0; --pre_bslash)
*q++ = '\\';
*q++ = '"';
}
*q++ = '\0'; *q++ = '\0';
} }
(*new_wargv)[argc] = NULL; (*new_wargv)[argc] = NULL;
......
...@@ -125,28 +125,24 @@ reopen_noninherited (int fd, ...@@ -125,28 +125,24 @@ reopen_noninherited (int fd,
#define HELPER_PROCESS "gspawn-win32-helper" #define HELPER_PROCESS "gspawn-win32-helper"
#endif #endif
/* This logic has a copy for wchar_t in gspawn-win32-helper.c, protect_wargv() */
static gchar * static gchar *
protect_argv_string (const gchar *string) protect_argv_string (const gchar *string)
{ {
const gchar *p = string; const gchar *p = string;
gchar *retval, *q; gchar *retval, *q;
gint len = 0; gint len = 0;
gint pre_bslash = 0;
gboolean need_dblquotes = FALSE; gboolean need_dblquotes = FALSE;
while (*p) while (*p)
{ {
if (*p == ' ' || *p == '\t') if (*p == ' ' || *p == '\t')
need_dblquotes = TRUE; need_dblquotes = TRUE;
else if (*p == '"') /* estimate max len, assuming that all escapable chracters will be escaped */
len++; if (*p == '"' || *p == '\\')
else if (*p == '\\') len += 2;
{ else
const gchar *pp = p; len += 1;
while (*pp && *pp == '\\')
pp++;
if (*pp == '"')
len++;
}
len++;
p++; p++;
} }
...@@ -155,25 +151,40 @@ protect_argv_string (const gchar *string) ...@@ -155,25 +151,40 @@ protect_argv_string (const gchar *string)
if (need_dblquotes) if (need_dblquotes)
*q++ = '"'; *q++ = '"';
/* Only quotes and backslashes preceeding quotes are escaped:
* see "Parsing C Command-Line Arguments" at
* https://docs.microsoft.com/en-us/cpp/c-language/parsing-c-command-line-arguments
*/
while (*p) while (*p)
{ {
if (*p == '"') if (*p == '"')
*q++ = '\\';
else if (*p == '\\')
{ {
const gchar *pp = p; /* Add backslash for escaping quote itself */
while (*pp && *pp == '\\') *q++ = '\\';
pp++; /* Add backslash for every preceeding backslash for escaping it */
if (*pp == '"') for (;pre_bslash > 0; --pre_bslash)
*q++ = '\\'; *q++ = '\\';
} }
/* Count length of continuous sequence of preceeding backslashes. */
if (*p == '\\')
++pre_bslash;
else
pre_bslash = 0;
*q++ = *p; *q++ = *p;
p++; p++;
} }
if (need_dblquotes) if (need_dblquotes)
*q++ = '"'; {
/* Add backslash for every preceeding backslash for escaping it,
* do NOT escape quote itself.
*/
for (;pre_bslash > 0; --pre_bslash)
*q++ = '\\';
*q++ = '"';
}
*q++ = '\0'; *q++ = '\0';
return retval; return retval;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or sign in to comment