fix: sanitize windows node argv
This commit is contained in:
Peter Steinberger
@@ -52,13 +52,19 @@ export async function runCli(argv: string[] = process.argv) {
|
|||||||
function stripWindowsNodeExec(argv: string[]): string[] {
|
function stripWindowsNodeExec(argv: string[]): string[] {
|
||||||
if (process.platform !== "win32") return argv;
|
if (process.platform !== "win32") return argv;
|
||||||
const normalizeArg = (value: string): string => value.replace(/^"+|"+$/g, "");
|
const normalizeArg = (value: string): string => value.replace(/^"+|"+$/g, "");
|
||||||
const execPath = normalizeArg(process.execPath);
|
const normalizeCandidate = (value: string): string => normalizeArg(value).replace(/^\\\\\\?\\/, "");
|
||||||
|
const execPath = normalizeCandidate(process.execPath);
|
||||||
const execPathLower = execPath.toLowerCase();
|
const execPathLower = execPath.toLowerCase();
|
||||||
const execBase = path.basename(execPath).toLowerCase();
|
const execBase = path.basename(execPath).toLowerCase();
|
||||||
const isExecPath = (value: string | undefined): boolean => {
|
const isExecPath = (value: string | undefined): boolean => {
|
||||||
if (!value) return false;
|
if (!value) return false;
|
||||||
const lower = normalizeArg(value).toLowerCase();
|
const lower = normalizeCandidate(value).toLowerCase();
|
||||||
return lower === execPathLower || path.basename(lower) === execBase;
|
return (
|
||||||
|
lower === execPathLower ||
|
||||||
|
path.basename(lower) === execBase ||
|
||||||
|
lower.endsWith("\\node.exe") ||
|
||||||
|
lower.endsWith("/node.exe")
|
||||||
|
);
|
||||||
};
|
};
|
||||||
const filtered = argv.filter((arg, index) => index === 0 || !isExecPath(arg));
|
const filtered = argv.filter((arg, index) => index === 0 || !isExecPath(arg));
|
||||||
if (filtered.length < 3) return filtered;
|
if (filtered.length < 3) return filtered;
|
||||||
|
|||||||
14
src/entry.ts
14
src/entry.ts
@@ -60,14 +60,20 @@ function ensureExperimentalWarningSuppressed(): boolean {
|
|||||||
function normalizeWindowsArgv(argv: string[]): string[] {
|
function normalizeWindowsArgv(argv: string[]): string[] {
|
||||||
if (process.platform !== "win32") return argv;
|
if (process.platform !== "win32") return argv;
|
||||||
if (argv.length < 3) return argv;
|
if (argv.length < 3) return argv;
|
||||||
const execPath = process.execPath;
|
const normalizeArg = (value: string): string => value.replace(/^"+|"+$/g, "");
|
||||||
|
const normalizeCandidate = (value: string): string => normalizeArg(value).replace(/^\\\\\\?\\/, "");
|
||||||
|
const execPath = normalizeCandidate(process.execPath);
|
||||||
const execPathLower = execPath.toLowerCase();
|
const execPathLower = execPath.toLowerCase();
|
||||||
const execBase = path.basename(execPath).toLowerCase();
|
const execBase = path.basename(execPath).toLowerCase();
|
||||||
const normalizeArg = (value: string): string => value.replace(/^"+|"+$/g, "");
|
|
||||||
const isExecPath = (value: string | undefined): boolean => {
|
const isExecPath = (value: string | undefined): boolean => {
|
||||||
if (!value) return false;
|
if (!value) return false;
|
||||||
const lower = normalizeArg(value).toLowerCase();
|
const lower = normalizeCandidate(value).toLowerCase();
|
||||||
return lower === execPathLower || path.basename(lower) === execBase;
|
return (
|
||||||
|
lower === execPathLower ||
|
||||||
|
path.basename(lower) === execBase ||
|
||||||
|
lower.endsWith("\\node.exe") ||
|
||||||
|
lower.endsWith("/node.exe")
|
||||||
|
);
|
||||||
};
|
};
|
||||||
const arg1 = path.basename(argv[1] ?? "").toLowerCase();
|
const arg1 = path.basename(argv[1] ?? "").toLowerCase();
|
||||||
const arg2 = path.basename(argv[2] ?? "").toLowerCase();
|
const arg2 = path.basename(argv[2] ?? "").toLowerCase();
|
||||||
|
|||||||
Reference in New Issue
Block a user