RFR: JDK-8282008: Incorrect handling of quoted arguments in ProcessBuilder [v2]

Roger Riggs rriggs at openjdk.java.net
Tue Mar 15 21:11:31 UTC 2022 

> Quoting related changes in https://bugs.openjdk.java.net/browse/JDK-8250568 modified the way that
> process builder recognized argument strings, causing some arguments to be doubly quoted and malformed.
> 
> ProcessBuilder encodes command arguments in two ways, a looser legacy encoding
> and stricter encoding that prevents quotes from being misinterpreted.
> The system property jdk.lang.Process.allowAmbiguousCommands controls which is in effect.
> 
> When the property is "true" or not set, arguments are inserted into the Windows command line
> with minimal changes.  Arguments containing space or tab are quoted to prevent them being split.
> Arguments that start and end with double-quote are left alone.
> Some executables interpret a backslash before the final quote as an escape; if the argument 
> contains first and last quotes, backslashes are ignored.
> 
> When the allowAmbigousCommands property is `false`, care is taken to ensure that
> the final quote of an argument is the closing quote for the argument and is not
> interpreted as a literal quote by a preceding quote (or an odd number of quotes).
> 
> The PR includes a test matrix of the cases where an argument with spaces and a final backslash
> is passed with each combination of `allowAmbiguousCommands = true and false`,
> launched executable, java, .cmd, and .vbs and when the argument is surrounded with double-quotes.
> 
> The priority for allowAmbiguousCommands = false is that no argument is split or joined to another argument.
> In some cases, backslashes are doubled to prevent a double-quote from being interpreted incorrectly.
> The trailing backslash in an argument occurs rarely exception when the argument is a directory.
> In that case, the addition of trailing backslashes is benign when the string is used as a filesystem path.
> 
> See also PR#7504, for background and a proposal.

Roger Riggs has updated the pull request incrementally with one additional commit since the last revision:

  Refactored ArgCheck test to be more readable and easier to maintain and backport

-------------

Changes:
  - all: https://git.openjdk.java.net/jdk/pull/7709/files
  - new: https://git.openjdk.java.net/jdk/pull/7709/files/a194e439..7db92baf

Webrevs:
 - full: https://webrevs.openjdk.java.net/?repo=jdk&pr=7709&range=01
 - incr: https://webrevs.openjdk.java.net/?repo=jdk&pr=7709&range=00-01

  Stats: 164 lines in 1 file changed: 37 ins; 42 del; 85 mod
  Patch: https://git.openjdk.java.net/jdk/pull/7709.diff
  Fetch: git fetch https://git.openjdk.java.net/jdk pull/7709/head:pull/7709

PR: https://git.openjdk.java.net/jdk/pull/7709

More information about the core-libs-dev mailing list