-
Notifications
You must be signed in to change notification settings - Fork 5.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
JDK-8282008: Incorrect handling of quoted arguments in ProcessBuilder #7709
Conversation
👋 Welcome back rriggs! A progress list of the required criteria for merging this PR into |
@RogerRiggs The following label will be automatically applied to this pull request:
When this pull request is ready to be reviewed, an "RFR" email will be sent to the corresponding mailing list. If you would like to change these labels, use the /label pull request command. |
Webrevs
|
@RogerRiggs when do you plan to merge this patch approximately? |
@omikhaltsova Its taken more time than expected to get the reviews needed. Perhaps in a week or so. |
str = str.replace("\r", ""); | ||
actual = Arrays.asList(str.split("\n")); | ||
} catch (IOException ioe) { | ||
throw new RuntimeException(ioe.getMessage(), ioe); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do you think we should also explicitly do a process.destroy
here, to force kill the launched process?
// Depending on the mode the final backslash may act as an escape that may turn an added quote to a literal quote | ||
private static final String SPACE_AND_BACKSLASH = "SPACE AND BACKSLASH\\"; | ||
private static final char DOUBLE_QUOTE = '"'; | ||
private static final char NEWLINE = '\n'; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks like this isn't being used.
Hello Roger, I don't have much knowledge of the Windows semantics in this area, but the change looks OK to me. Just a few minor notes in the test case. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The change looks good. I just have a couple small suggestions for the test.
|
||
/** | ||
* If zero arguments are supplied, run the test cases. | ||
* If there are arguments, echo them to Stdout. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think it's worth mentioning that this echoing of the arguments is how the "java invocation" mode is checked -- by spawning an additional copy of ArgCheck.
errors++; | ||
} | ||
} else { | ||
// skip unmatched cases |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can an "ignored" metric be added, along with "success" and "error" ?
I don't like silently skipping parts of a test.
Logging skipped test cases would work, too, but that might make the test output overly verbose.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Added a count of skipped tests and a final message.
This change required a CSR, now approved. |
@RogerRiggs This change now passes all automated pre-integration checks. ℹ️ This project also has non-automated pre-integration requirements. Please see the file CONTRIBUTING.md for details. After integration, the commit message for the final commit will be:
You can use pull request commands such as /summary, /contributor and /issue to adjust it as needed. At the time when this comment was updated there had been 133 new commits pushed to the
As there are no conflicts, your changes will automatically be rebased on top of these commits when integrating. If you prefer to avoid this automatic rebasing, please check the documentation for the /integrate command for further details. ➡️ To integrate this PR with the above commit message to the |
/integrate |
Going to push as commit 897d6c0.
Your commit was automatically rebased without conflicts. |
@RogerRiggs Pushed as commit 897d6c0. 💡 You may see a message that your pull request was closed with unmerged commits. This can be safely ignored. |
Quoting related changes in https://bugs.openjdk.java.net/browse/JDK-8250568 modified the way that
process builder recognized argument strings, causing some arguments to be doubly quoted and malformed.
ProcessBuilder encodes command arguments in two ways, a looser legacy encoding
and stricter encoding that prevents quotes from being misinterpreted.
The system property jdk.lang.Process.allowAmbiguousCommands controls which is in effect.
When the property is "true" or not set, arguments are inserted into the Windows command line
with minimal changes. Arguments containing space or tab are quoted to prevent them being split.
Arguments that start and end with double-quote are left alone.
Some executables interpret a backslash before the final quote as an escape; if the argument
contains first and last quotes, backslashes are ignored.
When the allowAmbigousCommands property is
false
, care is taken to ensure thatthe final quote of an argument is the closing quote for the argument and is not
interpreted as a literal quote by a preceding quote (or an odd number of quotes).
The PR includes a test matrix of the cases where an argument with spaces and a final backslash
is passed with each combination of
allowAmbiguousCommands = true and false
,launched executable, java, .cmd, and .vbs and when the argument is surrounded with double-quotes.
The priority for allowAmbiguousCommands = false is that no argument is split or joined to another argument.
In some cases, backslashes are doubled to prevent a double-quote from being interpreted incorrectly.
The trailing backslash in an argument occurs rarely exception when the argument is a directory.
In that case, the addition of trailing backslashes is benign when the string is used as a filesystem path.
See also PR#7504, for background and a proposal.
Progress
Issues
Reviewers
Reviewing
Using
git
Checkout this PR locally:
$ git fetch https://git.openjdk.java.net/jdk pull/7709/head:pull/7709
$ git checkout pull/7709
Update a local copy of the PR:
$ git checkout pull/7709
$ git pull https://git.openjdk.java.net/jdk pull/7709/head
Using Skara CLI tools
Checkout this PR locally:
$ git pr checkout 7709
View PR using the GUI difftool:
$ git pr show -t 7709
Using diff file
Download this PR as a diff file:
https://git.openjdk.java.net/jdk/pull/7709.diff