From fa8859fa224e6a5613bc32acb092a7adacc59dd6 Mon Sep 17 00:00:00 2001 From: Willie Ruemmele Date: Thu, 28 Aug 2025 16:53:10 -0600 Subject: [PATCH 1/2] chore: change nsis script to use global cmd.exe --- scripts/nsis.nsi | 35 ++++++++++++++++++++++++----------- 1 file changed, 24 insertions(+), 11 deletions(-) diff --git a/scripts/nsis.nsi b/scripts/nsis.nsi index 2fc52c2b..12aa66be 100644 --- a/scripts/nsis.nsi +++ b/scripts/nsis.nsi @@ -48,17 +48,30 @@ FunctionEnd Function .onInit -nsExec::ExecToStack /TIMEOUT=2000 'cmd /c "sfdx --version"' -; exit code is stored on $0 first, then stdout -Pop $0 -Pop $0 -; $0 now contains stdout - -;$1 is the result of the comparison -${StrContains} $1 "sfdx-cli/7." $0 -StrCmp $1 "" notFound1 - MessageBox MB_OK 'Error: sfdx cli installed, please uninstall - https://developer.salesforce.com/docs/atlas.en-us.sfdx_setup.meta/sfdx_setup/sfdx_setup_uninstall.htm' + ; Securely locate global cmd.exe (System32 or Sysnative) + StrCpy $R9 "$WINDIR\System32\cmd.exe" + IfFileExists "$R9" 0 check_sysnative + Goto cmd_found + check_sysnative: + StrCpy $R9 "$WINDIR\Sysnative\cmd.exe" + IfFileExists "$R9" 0 cmd_not_found + Goto cmd_found + cmd_not_found: + MessageBox MB_OK|MB_ICONSTOP "Error: Could not find global cmd.exe. Installation cannot continue." Quit -notFound1: + cmd_found: + + nsExec::ExecToStack /TIMEOUT=2000 '"$R9" /c "sfdx --version"' + ; exit code is stored on $0 first, then stdout + Pop $0 + Pop $0 + ; $0 now contains stdout + + ;$1 is the result of the comparison + ${StrContains} $1 "sfdx-cli/7." $0 + StrCmp $1 "" notFound1 + MessageBox MB_OK 'Error: sfdx cli installed, please uninstall - https://developer.salesforce.com/docs/atlas.en-us.sfdx_setup.meta/sfdx_setup/sfdx_setup_uninstall.htm' + Quit + notFound1: FunctionEnd From ee4098dc8481bd6fd3fe7fbf59081994702faeaf Mon Sep 17 00:00:00 2001 From: Willie Ruemmele Date: Fri, 29 Aug 2025 08:55:54 -0600 Subject: [PATCH 2/2] refactor: cleanup, reduce extra --- scripts/nsis.nsi | 22 ++++++++++------------ 1 file changed, 10 insertions(+), 12 deletions(-) diff --git a/scripts/nsis.nsi b/scripts/nsis.nsi index 12aa66be..02549a0b 100644 --- a/scripts/nsis.nsi +++ b/scripts/nsis.nsi @@ -48,18 +48,16 @@ FunctionEnd Function .onInit - ; Securely locate global cmd.exe (System32 or Sysnative) - StrCpy $R9 "$WINDIR\System32\cmd.exe" - IfFileExists "$R9" 0 check_sysnative - Goto cmd_found - check_sysnative: - StrCpy $R9 "$WINDIR\Sysnative\cmd.exe" - IfFileExists "$R9" 0 cmd_not_found - Goto cmd_found - cmd_not_found: - MessageBox MB_OK|MB_ICONSTOP "Error: Could not find global cmd.exe. Installation cannot continue." - Quit - cmd_found: + ; Use explicit System32/Sysnative path to cmd.exe for security + ; $R9 becomes the path to the global cmd.exe + StrCpy $R9 "$WINDIR\\System32\\cmd.exe" ; Try System32 first + IfFileExists "$R9" path_is_safe + StrCpy $R9 "$WINDIR\\Sysnative\\cmd.exe" ; Try Sysnative for WOW64 + IfFileExists "$R9" path_is_safe + MessageBox MB_OK|MB_ICONSTOP "Error: Could not find system cmd.exe. Installation cannot continue." + Abort + + path_is_safe: nsExec::ExecToStack /TIMEOUT=2000 '"$R9" /c "sfdx --version"' ; exit code is stored on $0 first, then stdout