Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-8282008

Incorrect handling of quoted arguments in ProcessBuilder

    XMLWordPrintable

    Details

    • Subcomponent:
    • Resolved In Build:
      b19
    • CPU:
      x86_64
    • OS:
      windows_10

      Backports

        Description

        For example, it's needed to execute the following command on Windows:
        C:\Windows\SysWOW64\WScript.exe "MyVB.vbs" "C:\Program Files\Git\" "Test"
        it's equal to:
        new ProcessBuilder("C:\\Windows\\SysWOW64\\WScript.exe", "MyVB.vbs", "\"C:\\Program Files\\Git\\\"", "Test").start();

        But the result of processing "\"C:\\Program Files\\Git\\\"" is
        1) "C:\Program" and "Files\Git\" if jdk.lang.Process.allowAmbiguousCommands = true;
        2) "\C:\Program" and "Files\Git\\\" if jdk.lang.Process.allowAmbiguousCommands = false.

        The behavior was changed with JDK-8250568, CVE-2021-2161 (Bug 1951231 (CVE-2021-2161) - CVE-2021-2161 OpenJDK: Incorrect handling of partially quoted arguments in ProcessBuilder on Windows (Libraries, 8250568), https://bugzilla.redhat.com/show_bug.cgi?id=1951231 ).
        During this security fix the restriction to the string ending with "\\\"" was added so now such a string is treated as unquoted even it begins with a quote.

          Attachments

          1. Main.java
            0.4 kB
          2. MyVB.vbs
            0.3 kB

            Issue Links

              Activity

                People

                Assignee:
                rriggs Roger Riggs
                Reporter:
                omikhaltcova Olga Mikhaltcova
                Votes:
                1 Vote for this issue
                Watchers:
                10 Start watching this issue

                  Dates

                  Created:
                  Updated:
                  Resolved: