Fix issue with registry entries not getting quoted properly #404
Conversation
conda-bot
added
the
cla-signed
tests/test_utils.py
Outdated
| assert output == [ | ||
| '"cmd.exe"', | ||
| '/C', | ||
| '""echo" "Hello World""' |
There was a problem hiding this comment.
Isn't this generated incorrectly? When I tried the generated command:
C:\Windows\System32>"cmd.exe" /C ""echo" "Hello World""
'"echo"' is not recognized as an internal or external command,
operable program or batch file.
What should be generated is the following:
C:\Windows\System32>"cmd.exe" /C "echo "Hello World""
"Hello World"
I have not fixed it in this PR but something I wanted to bring up, for now the test only verifies the incorrect behavior.
There was a problem hiding this comment.
I would agree with you, echo should not be surrounded by quotes.
There was a problem hiding this comment.
I've fixed the issue in commit a36c3c1. I wonder however if can remove the function ensure_pad or change it. It is only used inside the method WinLex.quote_args, and only with the input argument pad = '"' (which is different from the default _). I see also that a copy of the same function exists inside the legacy code, but I would suggest:
- Rename to
ensure_quotedoradd_quotes_if_needed. - Remove the
padkeyword argument since we only use it with". - Leave the legacy function as is.
However, not sure if this is a class imported by othermenuinstusers, if so, we could deprecate it.
There was a problem hiding this comment.
A lot of users still use v1 shortcuts, so the legacy part needs to stay for now. I would also say to leave it as is until we have a deprecation plan.
I'm not sure if ensure_pad is the right place to make that change. Creating a special case there is a little opaque. Wouldn't quote_args be the better place, i.e., only call ensure_pad if there is a space in the string?
There was a problem hiding this comment.
I agree with you. I've made some fixes now.
|
|
||
| # Don't touch shell meta tokens; quoting would change meaning. | ||
| # Example: echo %FOO%> output.txt | ||
| if cls._has_shell_meta(s): |
There was a problem hiding this comment.
This was added because tests broke from my initial changes (in particular it was the or '%' in s in quote_string that caused it:
https://github.com/conda/menuinst/actions/runs/19366298809
There was a problem hiding this comment.
I'm trying to understand the impact of this. That would mean that echo %FOO%> output.txt would be quoted differently than echo %FOO% > output.txt
There was a problem hiding this comment.
There are a lot of more changes now but it works now based on the testing. I've done some additional testing locally with other workflows where menuinst is used.
There are a lot more changes now compared to before, but it's ready for another round of review.
lrandersson
force-pushed
the
dev-ra-290
branch
from
4e59d0e to
4a0d634
Compare
marcoesters
left a comment
marcoesters
left a comment
There was a problem hiding this comment.
This looks quite extensive. Just minor code suggestions and some remaining questions.
| script = self._write_script() | ||
| if self.metadata["terminal"]: | ||
| command = ["cmd", "/D", "/K", f'"{script}"'] | ||
| command = ["cmd", "/D", "/K", str(script)] |
There was a problem hiding this comment.
Will removing the quotes be a problem for paths with spaces? I don't see a test covering that example.
There was a problem hiding this comment.
The quotes are actually not removed, it's just that we let WinLex.quote_args do the work instead of manually quoting it here, to have more of a single source of quoting. Note that we return return WinLex.quote_args(command) instead of return command in this PR.
| Return True if input refers to cmd.exe or %COMSPEC%. Here, 'refers' implies variants of | ||
| cmd, cmd.exe, <some path>/cmd and accounting for quoted input. |
There was a problem hiding this comment.
Maybe call it _is_cmd_exe then? _is_cmd could also be interpreted as "is (a) command"
There was a problem hiding this comment.
Good point, fixed!
menuinst/utils.py
Outdated
| len(args) > 2 | ||
| and ("CMD.EXE" in args[0].upper() or "%COMSPEC%" in args[0].upper()) | ||
| and cls._is_cmd(args[0]) | ||
| and (args[1].upper() == "/K" or args[1].upper() == "/C") |
There was a problem hiding this comment.
You are using quote_args now in a function that prepends the script with cmd.exe /D /K, so args[1] will be /D even though /K is added. Will this cause any issues? Does the check need to be more robust to parse all flags?
There was a problem hiding this comment.
Good catch, I made a more generic fix here 1acbcfc, I also added another test and parametrized it to verify it works for both /C and /K.
menuinst/utils.py
Outdated
| return s | ||
|
|
||
| # Don't add quotes for minus or leading space | ||
| if s and s[0] in ("-", " "): |
There was a problem hiding this comment.
| if s and s[0] in ("-", " "): | |
| if s[0] in ("-", " "): |
You already return if s is an empty string.
menuinst/utils.py
Outdated
| return f'"{s}"' | ||
|
|
||
| if " " in s: | ||
| return '"%s"' % s |
There was a problem hiding this comment.
| return '"%s"' % s | |
| return f'"{s}"' |
menuinst/utils.py
Outdated
| """ | ||
| if not name: | ||
| return name | ||
| if not name or name[0] == name[-1] == pad: |
There was a problem hiding this comment.
| if not name or name[0] == name[-1] == pad: | |
| if name[0] == name[-1] == pad: |
tests/test_utils.py
Outdated
|
|
||
|
|
||
| def test_quote_args_1(): | ||
| """Verify the input arguments are quoted.""" |
There was a problem hiding this comment.
| """Verify the input arguments are quoted.""" | |
| """Verify that input arguments are quoted.""" |
lrandersson
force-pushed
the
dev-ra-290
branch
from
a26c392 to
1acbcfc
Compare
3 participants
Description
Checklist - did you ...
newsdirectory (using the template) for the next release's release notes?