In this Stack Overflow question, user txtechhelp found an issue with the ^ character that can cause a security problem.
anyInvaildCommand ^
Note: Make sure the caret (^) is the last character! With any extra CR\LF after it, this won't work at all!
The caret looks for the next character to escape. However, there are no more characters available to escape, so cmd loops infinitely, looking for a character to escape. While in this "loop", cmd.exe consumes your computer's memory, gradually eating all of it and bringing the computer to its knees.
This issue can lead to more serious security worries, as anyone could simply enter the code on someone's unlocked computer.
Using the UTF-16 codepage can solve this problem. Only UTF-8 or ASCII causes the bug.
Make sure there is an extra CR\LF in the file, or simply don't use a caret at the end of the file.
This bug seems to be solved in Windows 10.
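The check below is an added example, not code from the original question or from Microsoft: it scans a directory tree for batch files that meet the condition described above (ASCII or UTF-8 content whose final byte is a caret) and applies the CR\LF mitigation. The function names, the .bat/.cmd extension filter, the BOM-based UTF-16 test and the sample files are assumptions made for illustration.

```python
import os
import tempfile

BATCH_EXTS = (".bat", ".cmd")          # assumed set of extensions to lint
UTF16_BOMS = (b"\xff\xfe", b"\xfe\xff")


def has_dangling_caret(data: bytes) -> bool:
    """True when the content matches the trigger condition described above."""
    if data.startswith(UTF16_BOMS):
        # Per the page, UTF-16 files are not affected; only UTF-8/ASCII are.
        return False
    # The caret must be the final byte: any trailing CR or LF defuses it.
    return data.endswith(b"^")


def repair(data: bytes) -> bytes:
    """Apply the page's mitigation: make sure a CR LF follows the caret."""
    return data + b"\r\n" if has_dangling_caret(data) else data


def scan_tree(root: str) -> list:
    """Return sorted paths of batch files under root that end in a bare caret."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if name.lower().endswith(BATCH_EXTS):
                path = os.path.join(dirpath, name)
                with open(path, "rb") as fh:
                    if has_dangling_caret(fh.read()):
                        hits.append(path)
    return sorted(hits)


def demo() -> list:
    """Write constructed sample files to a temp dir and scan them."""
    samples = {
        "bad.bat": b"echo build ^",                      # flagged
        "ok_crlf.bat": b"echo build ^\r\n",              # CR LF after caret
        "ok_utf16.cmd": b"\xff\xfe" + "echo build ^".encode("utf-16-le"),
        "notes.txt": b"not a batch file ^",              # wrong extension
    }
    with tempfile.TemporaryDirectory() as root:
        for name, body in samples.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(body)
        return [os.path.basename(p) for p in scan_tree(root)]


if __name__ == "__main__":
    print(demo())
```

Run it as a pre-commit or deployment check over the script directory; `repair` can be used to rewrite any flagged file.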