From c0cea9613983c6f2d713f5dcc36faf4f9991be97 Mon Sep 17 00:00:00 2001 From: Ilia Alshanetsky Date: Tue, 18 May 2004 13:43:33 +0000 Subject: [PATCH] MFH: Fixed command line escaping routines for win32. --- NEWS | 1 + ext/standard/exec.c | 12 +++++++++++- 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/NEWS b/NEWS index a5b52b374b..89a0f1e757 100644 --- a/NEWS +++ b/NEWS @@ -2,6 +2,7 @@ PHP 4 NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| ?? ??? 2004, Version 4.3.7 - Upgraded bundled GD library to 2.0.23. (Ilia) +- Fixed command line escaping routines for win32. (Ilia) - Fixed problems with *printf() functions and '%f' formatting. (Marcus) - Fixed possible crash inside pg_copy_(to|from) function if delimiter is more then 1 character long. (Ilia) diff --git a/ext/standard/exec.c b/ext/standard/exec.c index 729190f878..8fa7bfb024 100644 --- a/ext/standard/exec.c +++ b/ext/standard/exec.c @@ -410,6 +410,7 @@ char *php_escape_shell_cmd(char *str) { switch (str[x]) { case '"': case '\'': +#ifndef PHP_WIN32 if (!p && (p = memchr(str + x + 1, str[x], l - x - 1))) { /* noop */ } else if (p && *p == str[x]) { @@ -419,6 +420,7 @@ char *php_escape_shell_cmd(char *str) { } cmd[y++] = str[x]; break; +#endif case '#': /* This is character-set independent */ case '&': case ';': @@ -440,6 +442,12 @@ char *php_escape_shell_cmd(char *str) { case '\\': case '\x0A': /* excluding these two */ case '\xFF': +#ifdef PHP_WIN32 + /* since Windows does not allow us to escape these chars, just remove them */ + case '%': + cmd[y++] = ' '; + break; +#endif cmd[y++] = '\\'; /* fall-through */ default: @@ -472,7 +480,9 @@ char *php_escape_shell_arg(char *str) { switch (str[x]) { #ifdef PHP_WIN32 case '"': - cmd[y++] = '\\'; + case '%': + cmd[y++] = ' '; + break; #else case '\'': cmd[y++] = '\''; -- 2.40.0