Re: Fixing Windows and DOS command line argument quoting

[Daniel Colascione]

On 4/26/2011 5:58 PM, Ben Key wrote:
> Daniel Colascione writes:
>
>  > After another reading of cmdproxy.c, I also see that the
>  > CreateProcess path also doesn't expand environment %variable%
>  > references, and that doesn't fall back to cmd if the command
>  > to be executed contains them.  While we could expand these
>  > variables, doing so would move us even closer to
>  > reimplementing half of cmd.exe.
>
> You are exaggerating a great deal.  It is a single function call,
> ExpandEnvironmentStrings, documented at
> http://msdn.microsoft.com/en-us/library/ms724265%28v=vs.85%29.aspx.
> Patching cmdproxy.c to use ExpandEnvironmentStrings before calling
> CreateProcess would add at most 10 lines of code.  This is by no means
> "reimplementing half of cmd.exe."

I actually didn't know about ExpandEnvironmentStrings.  Thank you for 
the link; this function may be useful in some cases.  But as the 
comments on the linked MSDN page point out, ExpandEnvironmentStrings 
doesn't expand variable references quite same way cmd does, and it would 
produce incorrect results for us whether we ran it before or after 
level-2-dequoting.  Since cmdproxy should mimic cmd's processing when 
bypassing cmd itself, ExpandEnvironmentStrings would be inappropriate 
for our purposes.

The issue is moot, however, because cmdproxy now punts processing 
variable references to cmd itself, and I suspect that Eli Zaretskii is 
correct when he says that such variable references are rare.