fix: allow quoted Windows shell metacharacters

This commit is contained in:
777genius 2026-06-06 23:33:57 +03:00
parent 392d89bbf0
commit 8b75625af2
2 changed files with 41 additions and 18 deletions

View file

@ -247,8 +247,6 @@ function quoteArg(arg: string): string {
return quoteWindowsCmdArg(arg);
}
const WINDOWS_SHELL_UNSAFE_META_CHAR_RE = /[&|<>^]/u;
function containsWindowsShellUnsafeControlChar(part: string): boolean {
for (let index = 0; index < part.length; index += 1) {
const code = part.charCodeAt(index);
@ -263,9 +261,6 @@ function assertSafeWindowsShellFallbackPart(part: string): void {
if (containsWindowsShellUnsafeControlChar(part)) {
throw new Error('Unsafe Windows shell fallback argument: control characters are not allowed');
}
if (WINDOWS_SHELL_UNSAFE_META_CHAR_RE.test(part)) {
throw new Error('Unsafe Windows shell fallback argument: shell metacharacters are not allowed');
}
}
function buildWindowsShellFallbackCommand(parts: string[]): string {

View file

@ -326,22 +326,31 @@ describe('cli child process helpers', () => {
expect(spawnMock.mock.calls[0][2]).not.toHaveProperty('shell');
});
it('rejects shell metacharacters only when Windows shell fallback is needed', () => {
it('quotes shell metacharacters when Windows shell fallback is needed', () => {
setPlatform('win32');
const spawnMock = child.spawn as unknown as Mock;
spawnMock.mockReturnValue(createMockProcess<SpawnCliChild>());
for (const unsafeArg of ['safe&bad', 'safe|bad', 'safe<bad', 'safe>bad', 'safe^bad']) {
expect(() => spawnCli('C:\\Users\\Алексей\\bin\\claude.cmd', [unsafeArg])).toThrow(
'shell metacharacters are not allowed'
);
expect(() =>
spawnCli('C:\\Users\\R&D\\bin\\claude.cmd', [
'safe&bad',
'safe|bad',
'safe<bad',
'safe>bad',
'safe^bad',
])
).not.toThrow();
expect(spawnMock).toHaveBeenCalledTimes(1);
const shellCmd = spawnMock.mock.calls[0][1][3] as string;
expect(shellCmd).toContain('"C:\\Users\\R&D\\bin\\claude.cmd"');
for (const shellArg of ['safe&bad', 'safe|bad', 'safe<bad', 'safe>bad', 'safe^bad']) {
expect(shellCmd).toContain(`"${shellArg}"`);
}
expect(spawnMock).not.toHaveBeenCalled();
spawnCli('C:\\bin\\claude.exe', ['safe&argv']);
expect(spawnMock.mock.calls[0][0]).toBe('C:\\bin\\claude.exe');
expect(spawnMock.mock.calls[0][1]).toEqual(['safe&argv']);
expect(spawnMock.mock.calls[0][2]).not.toHaveProperty('shell');
expect(spawnMock.mock.calls[1][0]).toBe('C:\\bin\\claude.exe');
expect(spawnMock.mock.calls[1][1]).toEqual(['safe&argv']);
expect(spawnMock.mock.calls[1][2]).not.toHaveProperty('shell');
});
it('does not use shell when not on windows', () => {
@ -681,14 +690,33 @@ describe('cli child process helpers', () => {
expect(execFileMock).toHaveBeenCalledTimes(1);
});
it('rejects shell metacharacters when execCli needs Windows shell fallback', async () => {
it('quotes shell metacharacters when execCli needs Windows shell fallback', async () => {
setPlatform('win32');
const execFileMock = child.execFile as unknown as Mock;
execFileMock.mockImplementation(
(_cmd: string, _args: string[], _opts: unknown, cb: ExecCallback) => {
cb(null, 'ok', '');
return createMockProcess<ExecChild>();
}
);
await expect(
execCli('C:\\Users\\Алексей\\bin\\claude.cmd', ['safe&bad'])
).rejects.toThrow('shell metacharacters are not allowed');
expect(execFileMock).not.toHaveBeenCalled();
execCli('C:\\Users\\R&D\\bin\\claude.cmd', ['safe&bad', 'safe^bad'])
).resolves.toMatchObject({ stdout: 'ok' });
expect(execFileMock).toHaveBeenCalledWith(
expect.stringMatching(/cmd\.exe$/i),
[
'/d',
'/s',
'/c',
expect.stringContaining('"C:\\Users\\R&D\\bin\\claude.cmd"'),
],
expect.any(Object),
expect.any(Function)
);
const shellCmd = execFileMock.mock.calls[0][1][3] as string;
expect(shellCmd).toContain('"safe&bad"');
expect(shellCmd).toContain('"safe^bad"');
});
it('preserves stdout and stderr on execFile failures', async () => {