Simple but annoying bug: PowerShell stops working if there is a = in the path of the Script

[schittli]

Steps to reproduce

1. Create the following useles but valid script in a directory containing an equal sign (=), e.g.
   c:\temp\=PSTest\Test.ps1

Enum State {
	Unknown = 1
	New = 2
}

2. Start the Script. You'll get:

The given assembly name or codebase was invalid. (Exception from HRESULT: 0x80131047)
…
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : OperationStopped: (:) [], FileLoadException
    + FullyQualifiedErrorId : System.IO.FileLoadException

Expected behavior

It's obvious: No valid character in the path of a PowerShell Script is allowed to affect the Script execution.

Actual behavior

PowerShell stops working with an exception because characters in the path of a PowerShell script can affect the PowerShell runtime.
I guess that a hacker is able to control powershell just by using special characters in the path of a script because PowerShell probably tries to interpret those characters.

Environment data

> $PSVersionTable
Name                           Value
----                           -----
PSVersion                      5.1.16299.98
PSEdition                      Desktop
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0...}
BuildVersion                   10.0.16299.98
CLRVersion                     4.0.30319.42000
WSManStackVersion              3.0
PSRemotingProtocolVersion      2.3
SerializationVersion           1.1.0.1

[markekraus]

This does not reproduce in 6.0.1. I believe starting with 6.0.0 (#5292) the assembly name for PowerShell generated dynamic Classes and Enums changed which resolved this issue. To be clear, in 5.1 the dynamic class assembly names were generated based on the filename. Creating an Enum from a file with an illegal assembly name character is likely the cause of the issue you see.

This repository is for PowerShell Core 6.0.0 and newer. To file bug reports for Windows PowerShell 5.1 please use UserVoice