From 54a3beda470c57dd7f65dc98707cd3271442ced5 Mon Sep 17 00:00:00 2001
From: Jordi Boggiano
Date: Mon, 10 Jun 2024 22:08:29 +0200
Subject: [PATCH] Add more characters for best fit encoding protection
---
 src/Composer/Util/ProcessExecutor.php | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)
diff --git a/src/Composer/Util/ProcessExecutor.php b/src/Composer/Util/ProcessExecutor.php
index ea8098c16..c5b9e35b4 100644
--- a/src/Composer/Util/ProcessExecutor.php
+++ b/src/Composer/Util/ProcessExecutor.php
@@ -490,7 +490,21 @@ class ProcessExecutor
 // New lines break cmd.exe command parsing
 // and special chars like the fullwidth quote can be used to break out
 // of parameter encoding via "Best Fit" encoding conversion
- $argument = strtr($argument, ["\n" => ' ', '"' => '"', ':' => ':', '/' => '/']);
+ $argument = strtr($argument, [
+ "\n" => ' ',
+ "\u{ff02}" => '"',
+ "\u{02ba}" => '"',
+ "\u{301d}" => '"',
+ "\u{301e}" => '"',
+ "\u{030e}" => '"',
+ "\u{ff1a}" => ':',
+ "\u{0589}" => ':',
+ "\u{2236}" => ':',
+ "\u{ff0f}" => '/',
+ "\u{2044}" => '/',
+ "\u{2215}" => '/',
+ "\u{00b4}" => '/',
+ ]);
 // In addition to whitespace, commas need quoting to preserve paths
 $quote = strpbrk($argument, " \t,") !== false;
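Review bot: The `strtr` table added in this hunk is a fixed denylist of lookalike code points, but Best Fit conversion depends on the active Windows code page, so characters that fold to `"`, `:` or `/` on a code page that was not checked may still pass through unchanged; the table also has no entry for anything that could fold to `\`. Nothing in the hunk records which code pages the list was derived from or that it is known to be partial, so I would add a comment above the table such as `// Denylist of known Best Fit lookalikes for ", : and /; mappings vary by code page, so treat as incomplete and extend as new ones are reported`. The `"\u{00b4}" => '/'` entry (acute accent) is not self-explanatory next to the solidus variants and deserves a short inline note naming the code page it comes from. The enclosing method starts and ends outside the hunk, so whether backslashes and the normalised `"` are handled later cannot be confirmed from here.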