dcrt0.cc: impossible to pass double quotes to application if noglob is enabled

[d0ggie]

Hi.

As of 79a9de5 double quote handling in dcrt0.cc build_argv () is inconsistent when MSYS=noglob is used.

If winshell is set, only backslash characters are skipped. However, noglob causes quoted () to jump to (any) next double quote character. This is not good, as there might be escaped double quotes in the path, which should be skipped when looking for the next (unescaped) double quote.

msys2-runtime/winsup/cygwin/dcrt0.cc

Lines 162 to 169 in 79a9de5

	if (!winshell || !glob)
	{
	char *p;
	strcpy (cmd, cmd + 1);
	if (*(p = strchrnul (cmd, quote)))
	strcpy (p, p + 1);
	return p;
	}

build_argv () is also called when launched via strace, which complicates debugging this issue. This issue is also present when new processes are created via CreateProcessA and/or CreateProcessW API in similar circumstances.

noglob is required, if the application would like to use command line arguments longer than 8192 characters and the command line includes any of the following characters: ?*["'(){} (note that both single and double quote characters are included meaning that glob () code is typically hit for shell one-liners). This is because glob () truncates the input, when making Unicode conversion for the pattern. For some reason (perhaps chicked and egg type problem), the buffer is not allocated from heap, but from stack, and this is why the limit is so low.

Nevertheless, if build_argv () is to be called, but glob isn't set, there appears to be no method to pass a double quotes to the application. Consider the following example application:

# cat dump.c
#include <windows.h>
#include <stdio.h>
#include <string.h>
int main (int argc, char ** argv)
  {
  fprintf(stderr, "``%s''.\n", GetCommandLineA());
  for (char ** argp = argv; argp < &argv[argc]; ++argp)
  fprintf(stderr, "\%ld: `%s', length = %lu\n",
      argp - argv, *argp, strlen(*argp));
  return 0;
  }
# gcc -Wall -Wextra dump.c -o dump

When executed inside a typical shell. I presume this works because the shell uses spawn () or fork () and exec (), as unless winshell is set, the quoting behavior is similar to noglob being currently set.

# MSYS=noglob ./dump.exe "\"\\\"hello, world\\\", said quoteception\""
``<...>\dump.exe "\"\\\"hello, world\\\", said quoteception\""''.
0: `./dump', length = 6
1: `"\"hello, world\", said quoteception"', length = 37

So far so good. However, pass thru strace to trigger build_argv (). The same effect can be archieved by executing the application directly from Windows, command prompt etc.

# MSYS=noglob strace ./dump.exe "\"\\\"hello, world\\\", said quoteception\"" |grep arg
   54   24093 [main] dump NNNN build_argv: cmd = '<...>\dump.exe """\""hello, world\"", said quoteception"""', winshell = 1, glob = 0
   64   24157 [main] dump NNNN build_argv: argv[0] = '<...>\dump.exe'
   33   24190 [main] dump NNNN build_argv: argv[1] = '\hello, world\, said quoteception'
   32   24222 [main] dump NNNN build_argv: argc 2
``<...>\dump.exe """\""hello, world\"", said quoteception"""''.
0: `<...>/dump', length = N
1: `\hello, world\, said quoteception', length = 33

The double quotes are now gone, meaning that the application (e.g. shell script) will not likely work as expected.