batch-file – Bugs in cmd.exe processor – Improper Escape Character

In this Stack Overflow question, user txtechhelp found an issue with the ^ character which could cause a security issue.


Cause

anyInvaildCommand ^

Note: Make sure the caret(^) is the last character! Any extra CR\LF won’t work at all!

The caret looks for the next character to escape. However, the are no more character available to escape, so cmd loops infinitely, looking for a character to escape. In this "loop" process, cmd.exe will consume your computer memory. And gradually eating all memory, bringing the computer to knees.

This issue can lead to more serious security worries as one could just enter the code into the one’s unlocked computer.

Solutions

  • Use codepage UTF-16 could solve this problem. Only UTF-8 or ASCII would cause the bug.

  • Make sure there is an extra CR\LF in the file, or just simply don’t use caret at the end of the file.

Extra

This bug seems to be solved in Windows 10.

if you want to reproduce, please indicate the source:
batch-file – Bugs in cmd.exe processor – Improper Escape Character - CodeDay