--- parser3/src/main/pa_exec.C	2016/11/28 22:42:58	1.89
+++ parser3/src/main/pa_exec.C	2024/11/24 15:37:10	1.99
@@ -1,8 +1,8 @@
 /** @file
 	Parser: program executing for different OS-es.
 
-	Copyright (c) 2001-2015 Art. Lebedev Studio (http://www.artlebedev.com)
-	Author: Alexandr Petrosian <paf@design.ru> (http://paf.design.ru)
+	Copyright (c) 2001-2024 Art. Lebedev Studio (http://www.artlebedev.com)
+	Authors: Konstantin Morshnev <moko@design.ru>, Alexandr Petrosian <paf@design.ru>
 
 	@todo setrlimit
 */
@@ -13,7 +13,7 @@
 #include "pa_exception.h"
 #include "pa_common.h"
 
-volatile const char * IDENT_PA_EXEC_C="$Id: pa_exec.C,v 1.89 2016/11/28 22:42:58 moko Exp $" IDENT_PA_EXEC_H;
+volatile const char * IDENT_PA_EXEC_C="$Id: pa_exec.C,v 1.99 2024/11/24 15:37:10 moko Exp $" IDENT_PA_EXEC_H;
 
 #ifdef _MSC_VER
 
@@ -79,7 +79,7 @@ static DWORD CreateHiddenConsoleProcess(
 	
 	// calculating script's directory
 	char dir[MAX_STRING];
-	strncpy(dir, szScriptFileSpec, MAX_STRING-1); dir[MAX_STRING-1]=0;
+	pa_strncpy(dir, szScriptFileSpec, MAX_STRING);
 	lsplit(dir,' '); // trim arguments
 	rsplit(dir,'/'); rsplit(dir,'\\'); // trim filename
 	
@@ -165,9 +165,40 @@ static void read_pipe(File_read_result&
 	}
 }
 
+static const char* shell_quote(const char *arg) {
+	size_t length = strlen(arg);
+	if (length >= 2 && arg[0] == '"' && arg[length - 1] == '"')
+		return arg; // allready qouted
+
+	size_t extra_length = 2; // opening and closing quotes
+	for(const char *src = arg; *src; src++){
+		if (*src == '"' || *src == '\\' || *src == '%')
+			extra_length++;
+	}
+
+	char *result = (char *)pa_malloc(length + extra_length + 1);
+	char *dest = result;
+
+	*dest++ = '"';
+
+	for(const char *src=arg; *src;){
+		char c = *src++;
+		if(c == '"' || c == '\\'){
+			*dest++ = '\\';
+		} else if (c == '%'){
+			*dest++ = '%'; // doubling '%'
+		}
+		*dest++ = c;
+	}
+
+	*dest++ = '"';
+	*dest = '\0';
+	return result;
+}
+
 static const char* buildCommand(const char* file_spec_cstr, const ArrayString& argv) {
 	const char* result=file_spec_cstr;
-	if(FILE *f=fopen(file_spec_cstr, "r")) {
+	if(FILE *f=pa_fopen(file_spec_cstr, "r")) {
 		try {
 		char buf[MAX_STRING];
 		size_t size=fread(buf, 1, MAX_STRING-1, f);
@@ -194,7 +225,7 @@ static const char* buildCommand(const ch
 		String string(result);
 		for(size_t i=0; i<argv.count(); i++) {
 			string << " ";
-			string << *argv[i];
+			string << shell_quote(argv[i]->cstr());
 		}
 
 		result=string.cstr();
@@ -283,7 +314,7 @@ static pid_t execve_piped(const char* fi
 	
 		// chdir to script's directory
 		char dir[MAX_STRING];
-		strncpy(dir, file_spec_cstr, MAX_STRING-1); dir[MAX_STRING-1]=0;
+		pa_strncpy(dir, file_spec_cstr, MAX_STRING);
 		rsplit(dir,'/'); // trim filename
 		chdir(dir);
 
@@ -313,7 +344,7 @@ static pid_t execve_piped(const char* fi
 }
 
 static int get_exit_status(int pid) {
-	int status;
+	int status=0;
 	pid_t cid;
 	while ((cid=waitpid(pid, &status, WUNTRACED)) == -1 && errno == EINTR);	
 	if(!cid)
@@ -335,7 +366,7 @@ static void read_pipe(String& result, in
 
 static void read_pipe(File_read_result& result, int file){
 	char *buf=(char*)pa_malloc(MAX_STRING+1);
-	ssize_t bufsize = MAX_STRING;
+	size_t bufsize = MAX_STRING;
 
 	result.headers = 0;
 	result.length = 0;
@@ -368,7 +399,6 @@ struct Append_env_pair_info {
 };
 #endif
 
-///@test maybe here and at argv construction --- untaint_cstr(String::L_AS_IS
 static void append_env_pair(HashStringString::key_type key, HashStringString::value_type value,
 		Append_env_pair_info *info) {
 #ifdef _MSC_VER
@@ -442,7 +472,7 @@ PA_exec_result pa_exec(bool forced_allow
 
 	if(!forced_allow) {
 		struct stat finfo;
-		if(stat(file_spec_cstr, &finfo)!=0)
+		if(pa_stat(file_spec_cstr, &finfo)!=0)
 			throw Exception("file.missing", &file_spec, "stat failed: %s (%d), actual filename '%s'", strerror(errno), errno, file_spec_cstr);
 
 		check_safe_mode(finfo, file_spec, file_spec_cstr);