1
0
Fork 0

Merge pull request from GHSA-frqg-7g38-6gcf

pull/10150/head
Jordi Boggiano 2021-10-05 09:28:42 +02:00 committed by GitHub
parent 532c6e7933
commit b3eebeb3b9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 15 additions and 34 deletions

View File

@ -129,7 +129,7 @@ EOT
$process = new ProcessExecutor($this->getIO()); $process = new ProcessExecutor($this->getIO());
if (Platform::isWindows()) { if (Platform::isWindows()) {
return $process->execute('start "web" explorer "' . $url . '"', $output); return $process->execute('start "web" explorer ' . $url, $output);
} }
$linux = $process->execute('which xdg-open', $output); $linux = $process->execute('which xdg-open', $output);

View File

@ -455,7 +455,7 @@ class ProcessExecutor
} }
/** /**
* Copy of ProcessUtils::escapeArgument() that is deprecated in Symfony 3.3 and removed in Symfony 4. * Copy of Symfony's Process::escapeArgument() which is private
* *
* @param string $argument * @param string $argument
* *
@ -463,40 +463,21 @@ class ProcessExecutor
*/ */
private static function escapeArgument($argument) private static function escapeArgument($argument)
{ {
//Fix for PHP bug #43784 escapeshellarg removes % from given string if ('' === $argument || null === $argument) {
//Fix for PHP bug #49446 escapeshellarg doesn't work on Windows return '""';
//@see https://bugs.php.net/bug.php?id=43784
//@see https://bugs.php.net/bug.php?id=49446
if ('\\' === DIRECTORY_SEPARATOR) {
if ((string) $argument === '') {
return escapeshellarg($argument);
}
$escapedArgument = '';
$quote = false;
foreach (preg_split('/(")/', $argument, -1, PREG_SPLIT_NO_EMPTY | PREG_SPLIT_DELIM_CAPTURE) as $part) {
if ('"' === $part) {
$escapedArgument .= '\\"';
} elseif (self::isSurroundedBy($part, '%')) {
// Avoid environment variable expansion
$escapedArgument .= '^%"'.substr($part, 1, -1).'"^%';
} else {
// escape trailing backslash
if ('\\' === substr($part, -1)) {
$part .= '\\';
}
$quote = true;
$escapedArgument .= $part;
}
}
if ($quote) {
$escapedArgument = '"'.$escapedArgument.'"';
}
return $escapedArgument;
} }
if ('\\' !== \DIRECTORY_SEPARATOR) {
return "'".str_replace("'", "'\\''", $argument)."'";
}
if (str_contains($argument, "\0")) {
$argument = str_replace("\0", '?', $argument);
}
if (!preg_match('/[\/()%!^"<>&|\s]/', $argument)) {
return $argument;
}
$argument = preg_replace('/(\\\\+)$/', '$1$1', $argument);
return "'".str_replace("'", "'\\''", $argument)."'"; return '"'.str_replace(['"', '^', '%', '!', "\n"], ['""', '"^^"', '"^%"', '"^!"', '!LF!'], $argument).'"';
} }
/** /**