Linux, spaces in path, startAsProcess and Process::openDocument

Linux
1

Hi!

One of the features in surge is to let people open their user directory. Pretty straignt forward. We basically go

   auto path = juce::File( userDirStr );
   path.startAsProcess();

on mac and win this works fine and on linux it used to, but this weekend we changed the name of our user directory from Surge to Surge XT.

So now I get a directory which looks like /home/paul/Documents/Surge XT being passed to the above code. The path is correct but startAsProcess munges it.

The problem appears to be here:

bool Process::openDocument (const String& fileName, const String& parameters)
{
    auto cmdString = fileName.replace (" ", "\\ ", false);
    cmdString << " " << parameters;

that first line turns my directory into Surge\ XT and the subsequent commands into

xdg-open "/home/paul/Documents/Surge\ XT" || /etc/alternatives/x-www-browser "/home/paul/Documents/Surge\ XT" || firefox "/home/paul/Documents/Surge\ XT" || mozilla "/home/paul/Documents/Surge\ XT" || google-chrome "/home/paul/Documents/Surge\ XT" || chromium-browser "/home/paul/Documents/Surge\ XT" || opera "/home/paul/Documents/Surge\ XT" || konqueror "/home/paul/Documents/Surge\ XT"

note the \ inside the ". So this double protects the space. This is because you use cmdString.quoted() to construct the array inside the if area.

This patch fixed it for me but I’m not sure if it is what you want.

Thanks for any thoughts!

diff --git a/modules/juce_core/native/juce_linux_Files.cpp b/modules/juce_core/native/juce_linux_Files.cpp
index 99893aaa0..1f946fd0f 100644
--- a/modules/juce_core/native/juce_linux_Files.cpp
+++ b/modules/juce_core/native/juce_linux_Files.cpp
@@ -208,6 +208,15 @@ bool Process::openDocument (const String& fileName, const String& parameters)
     {
         StringArray cmdLines;
 
+        /*
+         * since we are quoting the cmdstring with .quoted() when building
+         * the compound command line below, we can remove the space protection
+         * since that would double-protect filenames with spaces in them.
+         *
+         * Note that arguments will make this dicey .. but in multiple ways anyway
+         */
+        cmdString = fileName;
+
         for (auto browserName : { "xdg-open", "/etc/alternatives/x-www-browser", "firefox", "mozilla",
                                   "google-chrome", "chromium-browser", "opera", "konqueror" })
         {
2

hi! Just a quick bump on this. I can work around it by merging an xdg-open myself but if it was fixable for 6.1 that would be lovely! Thanks so much.

3

JUCE would probably benefit from a proper shellquote function for this kind of stuff, as escaping whitespaces and quoting arguments is not a full-proof protection against crafted arguments that could trigger execution of an arbitrary process

4

I agree with that; but right now am experiencing the fact that it incorrectly double protects even with the simple protection it does

5

Thanks for your patience. I’ve merged a fix here:

Please let us know if you encounter any problems with this change.

6

Thank you!!