RFR: JDK-8282008: Incorrect handling of quoted arguments in ProcessBuilder [v2]
Roger Riggs
rriggs at openjdk.java.net
Tue Mar 15 21:11:31 UTC 2022
> Quoting related changes in https://bugs.openjdk.java.net/browse/JDK-8250568 modified the way that
> process builder recognized argument strings, causing some arguments to be doubly quoted and malformed.
>
> ProcessBuilder encodes command arguments in two ways, a looser legacy encoding
> and stricter encoding that prevents quotes from being misinterpreted.
> The system property jdk.lang.Process.allowAmbiguousCommands controls which is in effect.
>
> When the property is "true" or not set, arguments are inserted into the Windows command line
> with minimal changes. Arguments containing space or tab are quoted to prevent them being split.
> Arguments that start and end with double-quote are left alone.
> Some executables interpret a backslash before the final quote as an escape; if the argument
> contains first and last quotes, backslashes are ignored.
>
> When the allowAmbigousCommands property is `false`, care is taken to ensure that
> the final quote of an argument is the closing quote for the argument and is not
> interpreted as a literal quote by a preceding quote (or an odd number of quotes).
>
> The PR includes a test matrix of the cases where an argument with spaces and a final backslash
> is passed with each combination of `allowAmbiguousCommands = true and false`,
> launched executable, java, .cmd, and .vbs and when the argument is surrounded with double-quotes.
>
> The priority for allowAmbiguousCommands = false is that no argument is split or joined to another argument.
> In some cases, backslashes are doubled to prevent a double-quote from being interpreted incorrectly.
> The trailing backslash in an argument occurs rarely exception when the argument is a directory.
> In that case, the addition of trailing backslashes is benign when the string is used as a filesystem path.
>
> See also PR#7504, for background and a proposal.
Roger Riggs has updated the pull request incrementally with one additional commit since the last revision:
Refactored ArgCheck test to be more readable and easier to maintain and backport
-------------
Changes:
- all: https://git.openjdk.java.net/jdk/pull/7709/files
- new: https://git.openjdk.java.net/jdk/pull/7709/files/a194e439..7db92baf
Webrevs:
- full: https://webrevs.openjdk.java.net/?repo=jdk&pr=7709&range=01
- incr: https://webrevs.openjdk.java.net/?repo=jdk&pr=7709&range=00-01
Stats: 164 lines in 1 file changed: 37 ins; 42 del; 85 mod
Patch: https://git.openjdk.java.net/jdk/pull/7709.diff
Fetch: git fetch https://git.openjdk.java.net/jdk pull/7709/head:pull/7709
PR: https://git.openjdk.java.net/jdk/pull/7709
More information about the core-libs-dev
mailing list