RFR: JDK-8282008: Incorrect handling of quoted arguments in ProcessBuilder [v3]

[Roger Riggs]

On Tue, 5 Apr 2022 16:39:33 GMT, Roger Riggs <rriggs at openjdk.org> wrote:

>> Quoting related changes in https://bugs.openjdk.java.net/browse/JDK-8250568 modified the way that
>> process builder recognized argument strings, causing some arguments to be doubly quoted and malformed.
>> 
>> ProcessBuilder encodes command arguments in two ways, a looser legacy encoding
>> and stricter encoding that prevents quotes from being misinterpreted.
>> The system property jdk.lang.Process.allowAmbiguousCommands controls which is in effect.
>> 
>> When the property is "true" or not set, arguments are inserted into the Windows command line
>> with minimal changes.  Arguments containing space or tab are quoted to prevent them being split.
>> Arguments that start and end with double-quote are left alone.
>> Some executables interpret a backslash before the final quote as an escape; if the argument 
>> contains first and last quotes, backslashes are ignored.
>> 
>> When the allowAmbigousCommands property is `false`, care is taken to ensure that
>> the final quote of an argument is the closing quote for the argument and is not
>> interpreted as a literal quote by a preceding quote (or an odd number of quotes).
>> 
>> The PR includes a test matrix of the cases where an argument with spaces and a final backslash
>> is passed with each combination of `allowAmbiguousCommands = true and false`,
>> launched executable, java, .cmd, and .vbs and when the argument is surrounded with double-quotes.
>> 
>> The priority for allowAmbiguousCommands = false is that no argument is split or joined to another argument.
>> In some cases, backslashes are doubled to prevent a double-quote from being interpreted incorrectly.
>> The trailing backslash in an argument occurs rarely exception when the argument is a directory.
>> In that case, the addition of trailing backslashes is benign when the string is used as a filesystem path.
>> 
>> See also PR#7504, for background and a proposal.
>
> Roger Riggs has updated the pull request with a new target base due to a merge or a rebase. The incremental webrev excludes the unrelated changes brought in by the merge/rebase. The pull request contains five additional commits since the last revision:
> 
>  - Merge branch 'master' into 8282008-quoted-escape
>  - Add count of skipped tests and improve comments
>  - Refactored ArgCheck test to be more readable and easier to maintain and backport
>  - Cleanup comment and copyright
>  - JDK-8282008: Incorrect handling of quoted arguments in ProcessBuilder

This change required a CSR, now approved.

-------------

PR: https://git.openjdk.java.net/jdk/pull/7709