Skip to content

Commit 76af53b

Browse files
squeek502squeek502
committed
std.process: Improve doc comments of Windows argv -> command line functions
1 parent 45a378b commit 76af53b

File tree

1 file changed

+16
-0
lines changed

1 file changed

+16
-0
lines changed

lib/std/process.zig

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1934,6 +1934,8 @@ pub const WindowsCommandLineCache = struct {
19341934
}
19351935
};
19361936

1937+
/// Returns the absolute path of `cmd.exe` within the Windows system directory.
1938+
/// The caller owns the returned slice.
19371939
pub fn windowsCmdExePath(allocator: mem.Allocator) error{ OutOfMemory, Unexpected }![:0]u16 {
19381940
var buf = try std.ArrayListUnmanaged(u16).initCapacity(allocator, 128);
19391941
errdefer buf.deinit(allocator);
@@ -1965,6 +1967,12 @@ pub const ArgvToCommandLineError = error{ OutOfMemory, InvalidWtf8, InvalidArg0
19651967

19661968
/// Serializes `argv` to a Windows command-line string suitable for passing to a child process and
19671969
/// parsing by the `CommandLineToArgvW` algorithm. The caller owns the returned slice.
1970+
///
1971+
/// To avoid arbitrary command execution, this function should not be used when spawning
1972+
/// `.bat`/`.cmd` scripts, meaning the extension of argv[0] should be known to not be `.bat`/`.cmd`.
1973+
/// https://flatt.tech/research/posts/batbadbut-you-cant-securely-execute-commands-on-windows/
1974+
///
1975+
/// If the extension of argv[0] is `.bat`/`.cmd`, see `argvToScriptCommandLineWindows` instead.
19681976
pub fn argvToCommandLineWindows(
19691977
allocator: mem.Allocator,
19701978
argv: []const []const u8,
@@ -2133,6 +2141,14 @@ pub const ArgvToScriptCommandLineError = error{
21332141
///
21342142
/// Escapes `argv` using the suggested mitigation against arbitrary command execution from:
21352143
/// https://flatt.tech/research/posts/batbadbut-you-cant-securely-execute-commands-on-windows/
2144+
///
2145+
/// The return of this function will look like
2146+
/// `cmd.exe /d /e:ON /v:OFF /c "<escaped command line>"`
2147+
/// and should be used as the `lpCommandLine` of `CreateProcessW`, while the
2148+
/// return of `windowsCmdExePath` should be used as `lpApplicationName`.
2149+
///
2150+
/// Should only be used when spawning `.bat`/`.cmd` scripts, see `argvToCommandLineWindows` otherwise.
2151+
/// The `.bat`/`.cmd` file must be known to both have the `.bat`/`.cmd` extension and exist on the filesystem.
21362152
pub fn argvToScriptCommandLineWindows(
21372153
allocator: mem.Allocator,
21382154
/// Path to the `.bat`/`.cmd` script. If this path is relative, it is assumed to be relative to the CWD.

0 commit comments

Comments
 (0)