Merge pull request from GHSA-frqg-7g38-6gcf
Jordi Boggiano
GitHub
parent
532c6e7933
commit
b3eebeb3b9
|
|
@ -129,7 +129,7 @@ EOT
|
||||||
|
|
||||||
$process = new ProcessExecutor($this->getIO());
|
$process = new ProcessExecutor($this->getIO());
|
||||||
if (Platform::isWindows()) {
|
if (Platform::isWindows()) {
|
||||||
return $process->execute('start "web" explorer "' . $url . '"', $output);
|
return $process->execute('start "web" explorer ' . $url, $output);
|
||||||
}
|
}
|
||||||
|
|
||||||
$linux = $process->execute('which xdg-open', $output);
|
$linux = $process->execute('which xdg-open', $output);
|
||||||
|
|
|
||||||
|
|
@ -455,7 +455,7 @@ class ProcessExecutor
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Copy of ProcessUtils::escapeArgument() that is deprecated in Symfony 3.3 and removed in Symfony 4.
|
* Copy of Symfony's Process::escapeArgument() which is private
|
||||||
*
|
*
|
||||||
* @param string $argument
|
* @param string $argument
|
||||||
*
|
*
|
||||||
|
|
@ -463,41 +463,22 @@ class ProcessExecutor
|
||||||
*/
|
*/
|
||||||
private static function escapeArgument($argument)
|
private static function escapeArgument($argument)
|
||||||
{
|
{
|
||||||
//Fix for PHP bug #43784 escapeshellarg removes % from given string
|
if ('' === $argument || null === $argument) {
|
||||||
//Fix for PHP bug #49446 escapeshellarg doesn't work on Windows
|
return '""';
|
||||||
//@see https://bugs.php.net/bug.php?id=43784
|
|
||||||
//@see https://bugs.php.net/bug.php?id=49446
|
|
||||||
if ('\\' === DIRECTORY_SEPARATOR) {
|
|
||||||
if ((string) $argument === '') {
|
|
||||||
return escapeshellarg($argument);
|
|
||||||
}
|
}
|
||||||
|
if ('\\' !== \DIRECTORY_SEPARATOR) {
|
||||||
$escapedArgument = '';
|
|
||||||
$quote = false;
|
|
||||||
foreach (preg_split('/(")/', $argument, -1, PREG_SPLIT_NO_EMPTY | PREG_SPLIT_DELIM_CAPTURE) as $part) {
|
|
||||||
if ('"' === $part) {
|
|
||||||
$escapedArgument .= '\\"';
|
|
||||||
} elseif (self::isSurroundedBy($part, '%')) {
|
|
||||||
// Avoid environment variable expansion
|
|
||||||
$escapedArgument .= '^%"'.substr($part, 1, -1).'"^%';
|
|
||||||
} else {
|
|
||||||
// escape trailing backslash
|
|
||||||
if ('\\' === substr($part, -1)) {
|
|
||||||
$part .= '\\';
|
|
||||||
}
|
|
||||||
$quote = true;
|
|
||||||
$escapedArgument .= $part;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if ($quote) {
|
|
||||||
$escapedArgument = '"'.$escapedArgument.'"';
|
|
||||||
}
|
|
||||||
|
|
||||||
return $escapedArgument;
|
|
||||||
}
|
|
||||||
|
|
||||||
return "'".str_replace("'", "'\\''", $argument)."'";
|
return "'".str_replace("'", "'\\''", $argument)."'";
|
||||||
}
|
}
|
||||||
|
if (str_contains($argument, "\0")) {
|
||||||
|
$argument = str_replace("\0", '?', $argument);
|
||||||
|
}
|
||||||
|
if (!preg_match('/[\/()%!^"<>&|\s]/', $argument)) {
|
||||||
|
return $argument;
|
||||||
|
}
|
||||||
|
$argument = preg_replace('/(\\\\+)$/', '$1$1', $argument);
|
||||||
|
|
||||||
|
return '"'.str_replace(['"', '^', '%', '!', "\n"], ['""', '"^^"', '"^%"', '"^!"', '!LF!'], $argument).'"';
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param string $arg
|
* @param string $arg
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue