Patch escapeshell-exclamation-mark for Program Execution Bug #69768
Patch version 2015-06-07 18:02 UTC
Return to Bug #69768 |
Download this patch
Patch Revisions:
Developer: cmb@php.net
ext/standard/exec.c | 6 +++++-
.../tests/general_functions/escapeshellarg_basic-win32.phpt | 2 ++
ext/standard/tests/general_functions/escapeshellcmd-win32.phpt | 5 ++++-
3 files changed, 11 insertions(+), 2 deletions(-)
diff --git a/ext/standard/exec.c b/ext/standard/exec.c
index 71dfc7c..2438a80 100644
--- a/ext/standard/exec.c
+++ b/ext/standard/exec.c
@@ -283,9 +283,12 @@ PHPAPI zend_string *php_escape_shell_cmd(char *str)
break;
#else
/* % is Windows specific for environmental variables, ^%PATH% will
- output PATH whil ^%PATH^% not. escapeshellcmd->val will escape all %.
+ output PATH while ^%PATH^% not. cmd->val will escape all %.
+ ! triggers delayed substitution of Windows environment variables,
+ if this functionality is enabled. cmd->val will escape all !.
*/
case '%':
+ case '!':
case '"':
case '\'':
#endif
@@ -369,6 +372,7 @@ PHPAPI zend_string *php_escape_shell_arg(char *str)
#ifdef PHP_WIN32
case '"':
case '%':
+ case '!':
cmd->val[y++] = ' ';
break;
#else
diff --git a/ext/standard/tests/general_functions/escapeshellarg_basic-win32.phpt b/ext/standard/tests/general_functions/escapeshellarg_basic-win32.phpt
index 8880056..d97c1a9 100644
--- a/ext/standard/tests/general_functions/escapeshellarg_basic-win32.phpt
+++ b/ext/standard/tests/general_functions/escapeshellarg_basic-win32.phpt
@@ -18,6 +18,7 @@ echo "Simple testcase for escapeshellarg() function\n";
var_dump(escapeshellarg("Mr O'Neil"));
var_dump(escapeshellarg("Mr O\'Neil"));
var_dump(escapeshellarg("%FILENAME"));
+var_dump(escapeshellarg("!FILENAME"));
var_dump(escapeshellarg(""));
echo "Done\n";
@@ -27,5 +28,6 @@ Simple testcase for escapeshellarg() function
string(11) ""Mr O'Neil""
string(12) ""Mr O\'Neil""
string(11) "" FILENAME""
+string(11) "" FILENAME""
string(2) """"
Done
\ No newline at end of file
diff --git a/ext/standard/tests/general_functions/escapeshellcmd-win32.phpt b/ext/standard/tests/general_functions/escapeshellcmd-win32.phpt
index 9fcb991..7d2a029 100644
--- a/ext/standard/tests/general_functions/escapeshellcmd-win32.phpt
+++ b/ext/standard/tests/general_functions/escapeshellcmd-win32.phpt
@@ -17,7 +17,8 @@ $data = array(
'%^',
'#&;`|*?',
'~<>\\',
- '%NOENV%'
+ '%NOENV%',
+ '!NOENV!'
);
$count = 1;
@@ -46,4 +47,6 @@ string(14) "^#^&^;^`^|^*^?"
string(8) "^~^<^>^\"
-- Test 8 --
string(9) "^%NOENV^%"
+-- Test 9 --
+string(9) "^!NOENV^!"
Done
|
Copyright © 2001-2024 The PHP Group