diff --git a/reference/exec/functions/proc-open.xml b/reference/exec/functions/proc-open.xml index 2b87c8f906..f5578ce5ad 100644 --- a/reference/exec/functions/proc-open.xml +++ b/reference/exec/functions/proc-open.xml @@ -49,6 +49,20 @@ The command to execute + + + On Windows, unless bypass_shell is set to &true; in + other_options, the cmd is + passed to cmd.exe (actually, %ComSpec%) + with the /c flag as unquoted string + (i.e. exactly as has been given to proc_open). + This can cause cmd.exe to remove enclosing quotes from + cmd (for details see the cmd.exe documentation), + resulting in unexpected, and potentially even dangerous behavior, because + cmd.exe error messages may contain (parts of) the passed + cmd (see example below). + + @@ -250,6 +264,43 @@ command returned 0 + + + <function>proc_open</function> quirk on Windows + + While one may expect the following program to search the file + filename.txt for the text search and + to print the results, it behaves rather differently. + + + +]]> + + &example.outputs; + + + + + To work around that behavior, it is usually sufficient to enclose the + cmd in additional quotes: + + + + + + +