Thanks to visit codestin.com
Credit goes to github.com

Skip to content

[BUG] cmd.run module behaves incorrectly on Windows #68096

New issue
New issue
Closed
Bug
#68156
Closed
[BUG] cmd.run module behaves incorrectly on Windows#68096
Bug
#68156
Assignees
twangboy
Labels
bugbroken, incorrect, or confusing behaviorneeds-triage
Milestone
Sulfur v3006.15
@xsmile

Description

@xsmile
xsmile
opened on Jun 19, 2025

Description

The cmdmod module makes assumptions about the shell type and the content of the command, modyfing them on a best-effort basis to ensure it can run successfully.

These assumptions override user parameters and in multiple cases lead to unwanted results or break command execution. cmdmod should leave the parameters as is.

Setup

  • VM (KVM)
  • onedir packaging via EXE installer

Case 1

Running a command via cmd.exe. A relative instead of an absolute path to cmd is used.

PS C:\Program Files\Salt Project\Salt> .\salt-call --local cmd.run 'echo 1' shell=cmd.exe
local:
    1

Executed command

cmd /c "echo 1"

Expected command:

C:\Windows\System32\cmd.exe /c "echo 1"

Case 2

Running a binary via a shell. The shell parameter is ignored. Instead, whoami.exe is determined to be a valid executable and started directly.

PS C:\Program Files\Salt Project\Salt> .\salt-call --local cmd.run 'whoami.exe' shell=cmd.exe
local:
    domain\administrator

Executed command:

whoami.exe

Expected command:

C:\Windows\System32\cmd.exe /c "whoami.exe"

Case 3

Running a command via PowerShell. pwsh.exe is used but the command is prepended with the call operator &.

PS C:\Program Files\Salt Project\Salt> .\salt-call --local cmd.run '(echo 1)' shell=pwsh.exe
[ERROR   ] Command '"C:\Program' failed with return code: 1
[ERROR   ] stdout: &: The term '1' is not recognized as a name of a cmdlet, function, script file, or executable program.
Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
[ERROR   ] retcode: 1
[ERROR   ] Command '(echo' failed with return code: 1
[ERROR   ] output: &: The term '1' is not recognized as a name of a cmdlet, function, script file, or executable program.
Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
local:
    ?[31;1m&: ?[31;1mThe term '1' is not recognized as a name of a cmdlet, function, script file, or executable program.?[0m
    ?[31;1m?[31;1mCheck the spelling of the name, or if a path was included, verify that the path is correct and try again.?[0m

Executed command:

"C:\Program Files\PowerShell\7\pwsh.exe" -NonInteractive -NoProfile -ExecutionPolicy Bypass -Command "& (echo 1)"

Expected command:

"C:\Program Files\PowerShell\7\pwsh.exe" -NonInteractive -NoProfile -ExecutionPolicy Bypass -Command "(echo 1)"

Case 4

Running a command via PowerShell containing characters assumed to be cmd-only. pwsh.exe is initially used to build the command string but is prepended by & and wrapped by cmd.exe in the end.

PS C:\Program Files\Salt Project\Salt> .\salt-call --local cmd.run 'echo 1 && echo 2' shell=pwsh.exe
local:
    Cannot process the command because of a missing parameter. A command must follow -Command.

    Usage: pwsh[.exe] [-Login] [[-File] <filePath> [args]]
                      [-Command { - | <script-block> [-args <arg-array>]
                                    | <string> [<CommandParameters>] } ]
                      [-CommandWithArgs <string> [<CommandParameters>]
                      [-ConfigurationName <string>] [-ConfigurationFile <filePath>]
                      [-CustomPipeName <string>] [-EncodedCommand <Base64EncodedCommand>]
                      [-ExecutionPolicy <ExecutionPolicy>] [-InputFormat {Text | XML}]
                      [-Interactive] [-MTA] [-NoExit] [-NoLogo] [-NonInteractive] [-NoProfile]
                      [-NoProfileLoadTime] [-OutputFormat {Text | XML}]
                      [-SettingsFile <filePath>] [-SSHServerMode] [-STA]
                      [-Version] [-WindowStyle <style>]
                      [-WorkingDirectory <directoryPath>]

           pwsh[.exe] -h | -Help | -? | /?

    PowerShell Online Help https://aka.ms/powershell-docs

    All parameters are case-insensitive.
    1
    2""

Executed command:

cmd /c ""C:\Program Files\PowerShell\7\pwsh.EXE" -NonInteractive -NoProfile -ExecutionPolicy Bypass -Command "& echo 1 && echo 2""

Expected command:

"C:\Program Files\PowerShell\7\pwsh.EXE" -NonInteractive -NoProfile -ExecutionPolicy Bypass -Command "echo 1 && echo 2"

Versions Report

salt --versions-report 
Salt Version:
          Salt: 3006.12

Python Version:
        Python: 3.10.17 (heads/main:8bbacbe, Jun  9 2025, 20:41:47) [MSC v.1943 64 bit (AMD64)]

Dependency Versions:
          cffi: 1.14.6
      cherrypy: 18.6.1
  cryptography: 42.0.5
      dateutil: 2.8.1
     docker-py: Not Installed
         gitdb: 4.0.7
     gitpython: 3.1.41
        Jinja2: 3.1.6
       libgit2: Not Installed
  looseversion: 1.0.2
      M2Crypto: Not Installed
          Mako: Not Installed
       msgpack: 1.0.2
  msgpack-pure: Not Installed
  mysql-python: Not Installed
     packaging: 22.0
     pycparser: 2.21
      pycrypto: Not Installed
  pycryptodome: 3.19.1
        pygit2: Not Installed
  python-gnupg: 0.4.8
        PyYAML: 6.0.1
         PyZMQ: 25.0.2
        relenv: 0.19.3
         smmap: 4.0.0
       timelib: 0.2.4
       Tornado: 4.5.3
           ZMQ: 4.3.4

System Versions:
          dist:
        locale: utf-8
       machine: AMD64
       release: 2022Server
        system: Windows
       version: 2022Server 10.0.20348 SP0 Multiprocessor Free

Similar issues

#68095
#67190

Metadata

Metadata

Assignees

Labels

bugbroken, incorrect, or confusing behaviorneeds-triage

Type

Bug

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions