Opened 10 years ago

Last modified 10 years ago

#343 new defect

exec deliberately escapes double quotes

Reported by: dmik Owned by:
Priority: normal Milestone: new
Component: libc Version: 0.6.6
Severity: normal Keywords:
Cc:

Description

I found out that the exec* call (and spawn as well I assume) deliberately escapes double quote characters in arguments with a backslash. This is fine for binaries that are built with kLIBC itself as this will be unescaped back before calling main (so that the application will not even notice this). However, it screws binaries based on other runtimes (e.g. rexx.exe or wrc.exe).

Change History (2)

comment:1 by dmik, 10 years ago

The test case:

parent.c:

#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#include <unistd.h>
#include <errno.h>
#include <fcntl.h>
#include <process.h>

int main (int argc, char **argv)
{
printf ("parent: pid=%d [%s]\n", _getpid (), argv[0]);
int rc = execlp ("child.cmd", "child.cmd", "'foo'", "\x22""bar""\x22", NULL);
printf ("parent: exec=%d (%d:%s)\n", rc, errno, strerror(errno));
return 0;
}

child.cmd:

/**/
parse arg args
say 'args = ['args']'

If you start parent.exe, the output will be:

D:>parent.exe
parent: pid=12016 [D:\Coding\Tests\c\exec\parent.exe]
parent: args=[1]
args = ['foo' \"bar\"]

This will completely screw up the target program which doesn't expect " to be escaped this way. The real life case of such a screw up screw up is wrc.exe. See here http://trac.netlabs.org/ports/ticket/60. And http://trac.netlabs.org/kbuild/ticket/113 seems to be a similar case as well.

Version 0, edited 10 years ago by dmik (next)

comment:2 by dmik, 10 years ago

IIRC, there is some heuristic in one of the exec worker functions that decides if it should escape double quotes and do some other *nix related stuff but if so then it breaks in the mentioned cases for some reason.

Last edited 10 years ago by dmik (previous) (diff)
Note: See TracTickets for help on using tickets.