Fix win execution with whitespace in username #351

This commit addresses the issue where scripts fail to execute on Windows environments with usernames containing spaces. The problem stemmed from PowerShell and cmd shell's handling of spaces in quoted arguments. The solution involves encoding PowerShell commands before execution, which mitigates the quoting issues previously causing script failures. This approach is now integrated into the execution flow, ensuring that commands are correctly handled irrespective of user names or other variables that may include spaces. Changes: - Implement encoding for PowerShell commands to handle spaces in usernames and other similar scenarios. - Update script documentation URLs to reflect changes in directory structure. Fixes #351
2024-05-07 13:57:19 +02:00
parent 1d7cafc831
commit a3343205b1
13 changed files with 241 additions and 50 deletions
--- a/src/infrastructure/CodeRunner/Execution/CommandDefinition/Commands/PowerShellInvoke/EncodedPowerShellInvokeCmdCommandCreator.ts
+++ b/src/infrastructure/CodeRunner/Execution/CommandDefinition/Commands/PowerShellInvoke/EncodedPowerShellInvokeCmdCommandCreator.ts
@@ -0,0 +1,32 @@
+import type { PowerShellInvokeShellCommandCreator } from './PowerShellInvokeShellCommandCreator';
+
+/**
+  Encoding PowerShell commands resolve issues with quote handling.
+
+  There are known problems with PowerShell's handling of double quotes in command line arguments:
+  - Quote stripping in PowerShell command line arguments: https://web.archive.org/web/20240507102706/https://stackoverflow.com/questions/6714165/powershell-stripping-double-quotes-from-command-line-arguments
+  - privacy.sexy double quotes issue when calling PowerShell from command line: https://web.archive.org/web/20240507102841/https://github.com/undergroundwires/privacy.sexy/issues/351
+  - Challenges with single quotes in PowerShell command line: https://web.archive.org/web/20240507102047/https://stackoverflow.com/questions/20958388/command-line-escaping-single-quote-for-powershell
+
+  Using the `EncodedCommand` parameter is recommended by Microsoft for handling
+  complex quoting scenarios. This approach helps avoid issues by encoding the entire
+  command as a Base64 string:
+  - Microsoft's documentation on using the `EncodedCommand` parameter: https://web.archive.org/web/20240507102733/https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_powershell_exe?view=powershell-5.1#-encodedcommand-base64encodedcommand
+*/
+export class EncodedPowerShellInvokeCmdCommandCreator
+implements PowerShellInvokeShellCommandCreator {
+  public createCommandToInvokePowerShell(powerShellScript: string): string {
+    return generateEncodedPowershellCommand(powerShellScript);
+  }
+}
+
+function generateEncodedPowershellCommand(powerShellScript: string): string {
+  const encodedCommand = encodeForPowershellExecution(powerShellScript);
+  return `PowerShell -EncodedCommand ${encodedCommand}`;
+}
+
+function encodeForPowershellExecution(script: string): string {
+  // The string must be formatted using UTF-16LE character encoding, see: https://web.archive.org/web/20240507102733/https://learn.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_powershell_exe?view=powershell-5.1#-encodedcommand-base64encodedcommand
+  const buffer = Buffer.from(script, 'utf16le');
+  return buffer.toString('base64');
+}
--- a/src/infrastructure/CodeRunner/Execution/CommandDefinition/Commands/PowerShellInvoke/PowerShellInvokeShellCommandCreator.ts
+++ b/src/infrastructure/CodeRunner/Execution/CommandDefinition/Commands/PowerShellInvoke/PowerShellInvokeShellCommandCreator.ts
@@ -0,0 +1,3 @@
+export interface PowerShellInvokeShellCommandCreator {
+  createCommandToInvokePowerShell(powerShellCommand: string): string;
+}