New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix env:PAGER not tokenized properly by help command #8913
Conversation
@@ -573,7 +573,8 @@ Describe 'help renders when using a PAGER with a space in the path' -Tags 'CI' { | |||
Set-Content -Path $fakePagerPath -Value $fakePager | |||
|
|||
$SavedEnvPager = $env:PAGER | |||
$env:PAGER = $fakePagerPath | |||
$fakePagerCustomArgs = "here is a fake argument" | |||
$env:PAGER = "`"$fakePagerPath`" `"$fakePagerCustomArgs`"" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That won't interpolate variables. Try instead:
$env:PAGER = "`"$fakePagerPath`" `"$fakePagerCustomArgs`"" | |
$env:PAGER = '"{0}" "{1}"' -f $fakePagerPath, $fakePagerCustomArgs |
@@ -4185,7 +4185,10 @@ .FORWARDHELPCATEGORY Cmdlet | |||
$customPagerCommandLine = $env:PAGER | |||
|
|||
# Split the command line into tokens, respecting quoting. | |||
$customPagerCommand, $customPagerCommandArgs = & { Write-Output -- $customPagerCommandLine } | |||
$errs = $null | |||
$tokens = [System.Management.Automation.PSParser]::Tokenize($customPagerCommandLine, [ref]$errs) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
My only question is whether is makes sense to handle all the tokens, rather than just the first two. I don't know much about this functionality though, so perhaps not
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hey @rjmholt,
I briefly looked into it and I'm guessing we'd rather use a powershell function specifically designed to split the command line into it's command and arguments. Having said that I haven't found a powershell function that does that and is a part of PSCore.
I am of the opinion that using Tokenize and only keeping the first two tokens is the best option.
Thoughts ? :)
@@ -573,7 +573,8 @@ Describe 'help renders when using a PAGER with a space in the path' -Tags 'CI' { | |||
Set-Content -Path $fakePagerPath -Value $fakePager | |||
|
|||
$SavedEnvPager = $env:PAGER | |||
$env:PAGER = $fakePagerPath | |||
$fakePagerCustomArgs = "here is a fake argument" | |||
$env:PAGER = "`"$fakePagerPath`" `"$fakePagerCustomArgs`"" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That won't interpolate variables. Try instead:
$env:PAGER = "`"$fakePagerPath`" `"$fakePagerCustomArgs`"" | |
$env:PAGER = '"{0}" "{1}"' -f $fakePagerPath, $fakePagerCustomArgs |
@rkeithhill Please review the PR. |
My fear is that this function becomes ponderous. |
I'll look at it this weekend. I still have some concerns. I'd like to avoid any sort of script injection e.g. Also the tokenizer approach doesn't account for single value, path to pager with spaces. That is, it parses this |
The tokenizer approach can still work if you put quotes around the pager path. Without quotes and extra arguments it indeed becomes harder to parse the page path with a space in it. Without an extra argument I agree we shouldn't need quotes and checking if the entire command-line is a valid path is a good idea and this is exactly how to code works currently. |
Should we follow only env:PAGER? Could we put in env:PAGER only application name and params in env:PAGERPARAMS? |
@rjmholt :) |
OK, here is my take on how to do this without incurring script injection - at least unintental script injection. Note there is probably a better way but this does seem to work. Here it is in pseudo-code - ish form:
|
BTW while we have "the hood up", why is it that on Windows - when I use less, I have to first pipe to
versus:
Note that on Linux, piping directly to less works just fine. BTW I've tried setting $COLUMNS/$LINES on Windows and that doesn't help. |
@rkeithhill Please open new Issue for your question.
|
$errs = $null | ||
$tokens = [System.Management.Automation.PSParser]::Tokenize($customPagerCommandLine, [ref]$errs) | ||
$customPagerCommand = $tokens[0].Content | ||
$customPagerCommandArgs = $tokens[1].Content |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What if there is some arguments?
Also now we should change
$cmds = Get-Command $customPagerCommand, $customPagerCommandLine -ErrorAction Ignore
with
$cmds = Get-Command $customPagerCommand-ErrorAction Ignore
PR Summary
This PR fixes #8912 which is due to a tokenization issue in the help command.
PR Context
PR Checklist
.h
,.cpp
,.cs
,.ps1
and.psm1
files have the correct copyright headerWIP:
or[ WIP ]
to the beginning of the title (theWIP
bot will keep its status check atPending
while the prefix is present) and remove the prefix when the PR is ready.[feature]
to your commit messages if the change is significant or affects feature tests