From 78620a5968a5f1d073d6df1396d851a30dca9f65 Mon Sep 17 00:00:00 2001 From: GuillaumeVerdon Date: Wed, 1 Feb 2017 10:32:26 +0100 Subject: [PATCH 1/7] Avoid to escape non-ascii characters in argument MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit If the LC_CTYPE is not set at UTF-8, the escapeshellarg() function will remove every non-ascii characters. As it's usual in europe to have directories with non-ascii chars in their name (ex : ~/Vidéos) the function should throw an exception if we're trying to submit it an argument containing non-ascii param and the LC_CTYPE is not set to use UTF-8 --- src/Symfony/Component/Process/ProcessUtils.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/src/Symfony/Component/Process/ProcessUtils.php b/src/Symfony/Component/Process/ProcessUtils.php index 500202e5844cd..5d061f6e91043 100644 --- a/src/Symfony/Component/Process/ProcessUtils.php +++ b/src/Symfony/Component/Process/ProcessUtils.php @@ -38,6 +38,7 @@ private function __construct() */ public static function escapeArgument($argument) { + //Fix for PHP bug #43784 escapeshellarg removes % from given string //Fix for PHP bug #49446 escapeshellarg doesn't work on Windows //@see https://bugs.php.net/bug.php?id=43784 @@ -70,7 +71,10 @@ public static function escapeArgument($argument) return $escapedArgument; } - + // Avoid the disapeareance of non-ascii parameters when LC_CTYPE is not set as UTF-8 + if (preg_match('/[^\x20-\x7f]/', $argument) && strpos("UTF-8", setlocale(LC_CTYPE, "0")) === false) { + throw new InvalidArgumentException("argument cannot contains non-ascii characters if the locale LC_CTYPE is not set as UTF-8"); + } return escapeshellarg($argument); } From 597e1a83f2119f2f9c2297122f6acee8e44fab4f Mon Sep 17 00:00:00 2001 From: Guillaume Verdon Date: Wed, 1 Feb 2017 21:51:29 +0100 Subject: [PATCH 2/7] Replacing the primitive escapeshellarg() on linux systems --- src/Symfony/Component/Process/ProcessUtils.php | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/src/Symfony/Component/Process/ProcessUtils.php b/src/Symfony/Component/Process/ProcessUtils.php index 5d061f6e91043..5eccb67e6b577 100644 --- a/src/Symfony/Component/Process/ProcessUtils.php +++ b/src/Symfony/Component/Process/ProcessUtils.php @@ -71,11 +71,7 @@ public static function escapeArgument($argument) return $escapedArgument; } - // Avoid the disapeareance of non-ascii parameters when LC_CTYPE is not set as UTF-8 - if (preg_match('/[^\x20-\x7f]/', $argument) && strpos("UTF-8", setlocale(LC_CTYPE, "0")) === false) { - throw new InvalidArgumentException("argument cannot contains non-ascii characters if the locale LC_CTYPE is not set as UTF-8"); - } - return escapeshellarg($argument); + return "'" . str_replace("'", "'\\''", $argument) . "'"; } /** From 7839ba0bec5507a49f98f0c9155ae2aec5b9a22d Mon Sep 17 00:00:00 2001 From: Guillaume Verdon Date: Wed, 1 Feb 2017 22:12:41 +0100 Subject: [PATCH 3/7] Added test case for non-ascii chars --- src/Symfony/Component/Process/Tests/ProcessUtilsTest.php | 1 + 1 file changed, 1 insertion(+) diff --git a/src/Symfony/Component/Process/Tests/ProcessUtilsTest.php b/src/Symfony/Component/Process/Tests/ProcessUtilsTest.php index e6564cde5ba6d..1b3f3271a208a 100644 --- a/src/Symfony/Component/Process/Tests/ProcessUtilsTest.php +++ b/src/Symfony/Component/Process/Tests/ProcessUtilsTest.php @@ -43,6 +43,7 @@ public function dataArguments() array("'<|>\" \"'\\''f'", '<|>" "\'f'), array("''", ''), array("'with\\trailingbs\\'", 'with\trailingbs\\'), + array("'withNonAsciiAccentLikeéÉèÈàÀöä'", "withNonAsciiAccentLikeéÉèÈàÀöä") ); } } From a21daa1ee29de1a90014e5be264c244639d51f91 Mon Sep 17 00:00:00 2001 From: Guillaume Verdon Date: Wed, 1 Feb 2017 22:18:34 +0100 Subject: [PATCH 4/7] Corrected code style --- src/Symfony/Component/Process/Tests/ProcessUtilsTest.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Symfony/Component/Process/Tests/ProcessUtilsTest.php b/src/Symfony/Component/Process/Tests/ProcessUtilsTest.php index 1b3f3271a208a..6949887b67792 100644 --- a/src/Symfony/Component/Process/Tests/ProcessUtilsTest.php +++ b/src/Symfony/Component/Process/Tests/ProcessUtilsTest.php @@ -43,7 +43,7 @@ public function dataArguments() array("'<|>\" \"'\\''f'", '<|>" "\'f'), array("''", ''), array("'with\\trailingbs\\'", 'with\trailingbs\\'), - array("'withNonAsciiAccentLikeéÉèÈàÀöä'", "withNonAsciiAccentLikeéÉèÈàÀöä") + array("'withNonAsciiAccentLikeéÉèÈàÀöä'", "withNonAsciiAccentLikeéÉèÈàÀöä"), ); } } From 773402351e7eb01e30420bed952dfc5fe923977d Mon Sep 17 00:00:00 2001 From: Guillaume Verdon Date: Wed, 1 Feb 2017 22:18:34 +0100 Subject: [PATCH 5/7] Corrected code style --- src/Symfony/Component/Process/Tests/ProcessUtilsTest.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Symfony/Component/Process/Tests/ProcessUtilsTest.php b/src/Symfony/Component/Process/Tests/ProcessUtilsTest.php index 1b3f3271a208a..6949887b67792 100644 --- a/src/Symfony/Component/Process/Tests/ProcessUtilsTest.php +++ b/src/Symfony/Component/Process/Tests/ProcessUtilsTest.php @@ -43,7 +43,7 @@ public function dataArguments() array("'<|>\" \"'\\''f'", '<|>" "\'f'), array("''", ''), array("'with\\trailingbs\\'", 'with\trailingbs\\'), - array("'withNonAsciiAccentLikeéÉèÈàÀöä'", "withNonAsciiAccentLikeéÉèÈàÀöä") + array("'withNonAsciiAccentLikeéÉèÈàÀöä'", "withNonAsciiAccentLikeéÉèÈàÀöä"), ); } } From b255302b1aeda8d318e6cb4a14eceb6dad47bce5 Mon Sep 17 00:00:00 2001 From: Guillaume Verdon Date: Wed, 1 Feb 2017 22:23:57 +0100 Subject: [PATCH 6/7] Amended last commit.. I'm tired --- src/Symfony/Component/Process/ProcessUtils.php | 4 ++-- src/Symfony/Component/Process/Tests/ProcessUtilsTest.php | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/Symfony/Component/Process/ProcessUtils.php b/src/Symfony/Component/Process/ProcessUtils.php index 5eccb67e6b577..3b8e39472aff8 100644 --- a/src/Symfony/Component/Process/ProcessUtils.php +++ b/src/Symfony/Component/Process/ProcessUtils.php @@ -38,7 +38,6 @@ private function __construct() */ public static function escapeArgument($argument) { - //Fix for PHP bug #43784 escapeshellarg removes % from given string //Fix for PHP bug #49446 escapeshellarg doesn't work on Windows //@see https://bugs.php.net/bug.php?id=43784 @@ -71,7 +70,8 @@ public static function escapeArgument($argument) return $escapedArgument; } - return "'" . str_replace("'", "'\\''", $argument) . "'"; + + return "'".str_replace("'", "'\\''", $argument)."'"; } /** diff --git a/src/Symfony/Component/Process/Tests/ProcessUtilsTest.php b/src/Symfony/Component/Process/Tests/ProcessUtilsTest.php index 6949887b67792..0f554b6151801 100644 --- a/src/Symfony/Component/Process/Tests/ProcessUtilsTest.php +++ b/src/Symfony/Component/Process/Tests/ProcessUtilsTest.php @@ -43,7 +43,7 @@ public function dataArguments() array("'<|>\" \"'\\''f'", '<|>" "\'f'), array("''", ''), array("'with\\trailingbs\\'", 'with\trailingbs\\'), - array("'withNonAsciiAccentLikeéÉèÈàÀöä'", "withNonAsciiAccentLikeéÉèÈàÀöä"), + array("'withNonAsciiAccentLikeéÉèÈàÀöä'", 'withNonAsciiAccentLikeéÉèÈàÀöä'), ); } } From 93201c142f1dad7cf01d28c7ef51714ee9d9ef14 Mon Sep 17 00:00:00 2001 From: Guillaume Verdon Date: Wed, 1 Feb 2017 22:25:32 +0100 Subject: [PATCH 7/7] Removing ghost tabulation --- src/Symfony/Component/Process/ProcessUtils.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Symfony/Component/Process/ProcessUtils.php b/src/Symfony/Component/Process/ProcessUtils.php index 3b8e39472aff8..cbc95708ed4a6 100644 --- a/src/Symfony/Component/Process/ProcessUtils.php +++ b/src/Symfony/Component/Process/ProcessUtils.php @@ -70,7 +70,7 @@ public static function escapeArgument($argument) return $escapedArgument; } - + return "'".str_replace("'", "'\\''", $argument)."'"; }