Automatic parameter escaping in syscall.StarProcess on windows is too restrictive

[vanackere]

Windows parameters are transmitted as a single string and it is the responsibility of
each program to do it's own parameter parsing.

Microsoft's C startup code (http://msdn.microsoft.com/en-us/library/ms880421) defines a
standard way for C programs to split the command line into separate arguments and go's
syscall.StartProcess does the correct escaping for those cases.

However, some programs - and most notably the cmd.exe shell - do their own command line
parameter parsing. As an example, if passed the following arguments :
  cmd /s /c "cd "C:\Program Files" && dir"
then cmd.exe will parse its arguments as follows :
  /s
  /c
  cd "C:\Program Files" && dir

See http://ss64.com/nt/cmd.html (see section on /C or /K flags which describes the logic
used to process quote (") characters).

The bug is that there is currently no way to prevent escaping of command line parameters
and therefore no way to execute the previous command from syscall.StartProcess because
the double quotes in the last argument are automatically escaped...

[alexbrainman]

Comment 1:

Perhaps, you could illustrate your point with an example, like:
"This go program .... outputs this .... while I would expect to see ... instead."
Thank you.
Alex

Status changed to WaitingForReply.

[alexbrainman]

Comment 2:

Owner changed to @alexbrainman.

[vanackere]

Comment 3:

The current API does the right thing with C-based windows program that don't directly
access the command line. Therefore I cannot write an example program without extending
the API or it would break valid programs...
All I can say is : there is currently no way to execute the following command :
 cmd.exe /s /c "cd "C:\Program Files" && dir"
(I should also mention that the python subprocess.Popen function allows to pass a string
instead of a command line on windows (http://docs.python.org/library/subprocess.html,
17.1.1) and does not suffer from this restriction.)
A possible alternative that would fix all my cases would be to not apply any escaping
for an argument if it is already enclosed with quotes. I believe this would then
automatically handle both the cmd.exe and Delphi program cases without any API
changes... 
Programs needing explicit escaping then can do the escaping before passing the argument
down to os.StartProces & co. Any opinion ?
Vincent

[vanackere]

Comment 4:

Hi,
I'm attaching a sample program that will probably better explains the problem.
I'm also attaching a custom version of syscall/exec_windows.go with a possible
alternative. Any alternative/suggestion welcome (I'm not attached to any particular
solution to this problem, I just need one that works...).
Thanks,
Vincent

Attachments:

1. issue1849.go (1715 bytes)
2. exec_windows.go (6809 bytes)

[alexbrainman]

Comment 5:

Vincent,
You could replace argument list with this:
args_cmd := []string{"cmd", "/c", "cd", `C:\Program Files`, "&&", "dir", "/a", "/b"}
to get your example to work.
But I can see your problem now. I think, in essence, the problem is that cmd.exe (ms
own) and some others don't use syscall.CommandLineToArgv to parse command line into
arguments, but employ some of their own algorithm to do it. Is that a fare description?
If that is the case, then I agree with you, I can't see any other way, but to provide go
users with a way to not use "standard" procedure of encoding arguments into command
line, but to employ their own.
Your proposed change http://golang.org/cl/4548050/ looks simple enough, but
there is too much mystery / magic in it - user needs to remember to put 0 as first char
of parameters it doesn't want to escape. I would rather do something similar to your
original proposal. Perhaps, we could have new field ProcAttr.CmdLine:
type ProcAttr struct {
        Dir        string
        Env        []string
        Files      []int
        HideWindow bool
}       CmdLine    string
where user can specify "command line" encoded and escaped to his / her taste.
syscall.StartProcess will check for ProcAttr.CmdLine not empty and use it, ignoring argv.
Russ, please comment.
Alex

Labels changed: added os-windows, packagechange.

Status changed to Accepted.

[rsc]

Comment 6:

This issue was closed by revision f18a4e9.

Status changed to Fixed.