Fix GH-10489: run-tests.php does not escape path when building cmd (#10560)

Multiple tests had to be changed to escape the arguments in shell
commands. Some tests are skipped because they behave differently with
spaces in the path versus without. One notable example of this is the
hashbang test which does not work because spaces in hashbangs paths are
not supported in Linux.

Co-authored-by: Michael Voříšek <[email protected]>

Author: nielsdos

Zend/tests/bug40236.phpt

@@ -6,8 +6,8 @@ if (extension_loaded("readline")) die("skip Test doesn't support readline");
 ?>
 --FILE--
 <?php
-$php = getenv('TEST_PHP_EXECUTABLE');
-$cmd = "\"$php\" -n -d memory_limit=4M -a \"".__DIR__."\"/bug40236.inc";
+$php = getenv('TEST_PHP_EXECUTABLE_ESCAPED');
+$cmd = "$php -n -d memory_limit=4M -a \"".__DIR__."\"/bug40236.inc";
 echo `$cmd`;
 ?>
 --EXPECT--

Zend/tests/bug60978.phpt

@@ -2,8 +2,7 @@
 Bug #60978 (exit code incorrect)
 --FILE--
 <?php
-$php = getenv('TEST_PHP_EXECUTABLE');
-exec($php . ' -n -r "exit(2);"', $output, $exit_code);
+exec(getenv('TEST_PHP_EXECUTABLE_ESCAPED') . ' -n -r "exit(2);"', $output, $exit_code);
 echo $exit_code;
 ?>
 --EXPECT--

ext/com_dotnet/tests/bug77578.phpt

@@ -6,8 +6,8 @@ com_dotnet
 <?php
 // To actually be able to verify the crash during shutdown on Windows, we have
 // to execute a PHP subprocess, and check its exit status.
-$php = PHP_BINARY;
-$extension_dir = ini_get("extension_dir");
+$php = getenv('TEST_PHP_EXECUTABLE_ESCAPED');
+$extension_dir = escapeshellarg(ini_get("extension_dir"));
 $script = <<<SCRIPT
 if (!extension_loaded('com_dotnet')) dl('com_dotnet');
 ini_set('com.autoregister_typelib', '1');

ext/mbstring/tests/gh7902.phpt

@@ -1,8 +1,10 @@
 --TEST--
 GH-7902 (mb_send_mail may delimit headers with LF only)
+--EXTENSIONS--
+mbstring
 --SKIPIF--
 <?php
-if (!extension_loaded("mbstring")) die("skip mbstring extension not available");
+if (str_contains(getcwd(), " ")) die("skip sendmail_path ini with spaces");
 ?>
 --INI--
 sendmail_path={MAIL:{PWD}/gh7902.eml}

ext/simplexml/tests/bug79971_1.phpt

@@ -1,8 +1,10 @@
 --TEST--
 Bug #79971 (special character is breaking the path in xml function)
+--EXTENSIONS--
+simplexml
 --SKIPIF--
 <?php
-if (!extension_loaded('simplexml')) die('skip simplexml extension not available');
+if (str_contains(getcwd(), ' ')) die('skip simplexml already escapes the path with spaces so this test does not work');
 ?>
 --FILE--
 <?php

ext/standard/tests/directory/bug74589_utf8.phpt

@@ -18,6 +18,7 @@ internal_encoding=utf-8
 $item = "bug74589_新建文件夹"; // utf-8 string
 $dir = __DIR__ . DIRECTORY_SEPARATOR . $item;
 $test_file = $dir . DIRECTORY_SEPARATOR . "test.php";
+$test_file_escaped = escapeshellarg($test_file);
 
 mkdir($dir);
 
@@ -27,9 +28,9 @@ file_put_contents($test_file,
     var_dump(__FILE__);
     var_dump(__DIR__ === __DIR__);");
 
-$php = getenv('TEST_PHP_EXECUTABLE');
+$php = getenv('TEST_PHP_EXECUTABLE_ESCAPED');
 
-echo shell_exec("$php -n $test_file");
+echo shell_exec("$php -n $test_file_escaped");
 
 ?>
 --EXPECTF--

ext/standard/tests/file/bug22414.phpt

@@ -6,22 +6,21 @@ output_handler=
 <?php
 
     $php = getenv('TEST_PHP_EXECUTABLE');
+    $php_escaped = getenv('TEST_PHP_EXECUTABLE_ESCAPED');
     $tmpfile = tempnam(__DIR__, 'phpt');
     $args = ' -n ';
 
     /* Regular Data Test */
-    passthru($php . $args . ' -r " echo \"HELLO\"; "');
+    passthru($php_escaped . $args . ' -r " echo \"HELLO\"; "');
 
     echo "\n";
 
     /* Binary Data Test */
-
+    $cmd = $php_escaped . $args . ' -r ' . escapeshellarg("readfile(@getenv('TEST_PHP_EXECUTABLE'));");
     if (substr(PHP_OS, 0, 3) != 'WIN') {
-        $cmd = $php . $args . ' -r \"readfile(@getenv(\'\\\'\'TEST_PHP_EXECUTABLE\'\\\'\')); \"';
-        $cmd = $php . $args . ' -r \' passthru("'.$cmd.'"); \' > '.$tmpfile ;
+        $cmd = $php_escaped . $args . ' -r ' . escapeshellarg('passthru("'.$cmd.'");') . ' > '.escapeshellarg($tmpfile);
     } else {
-        $cmd = $php . $args . ' -r \"readfile(@getenv(\\\\\\"TEST_PHP_EXECUTABLE\\\\\\")); \"';
-        $cmd = $php . $args . ' -r " passthru(\''.$cmd.'\');" > '.$tmpfile ;
+        $cmd = $php_escaped . $args . ' -r ' . "\"passthru('".addslashes($cmd)."');\"" . ' > '.escapeshellarg($tmpfile);
     }
     exec($cmd);
 

ext/standard/tests/file/bug26615.phpt

@@ -7,9 +7,9 @@ variables_order=E
 $out = array();
 $status = -1;
 if (substr(PHP_OS, 0, 3) != 'WIN') {
-    exec($_ENV['TEST_PHP_EXECUTABLE'].' -n -r \'for($i=1;$i<=5000;$i++) print "$i\n";\' | tr \'\n\' \' \'', $out, $status);
+    exec($_ENV['TEST_PHP_EXECUTABLE_ESCAPED'].' -n -r \'for($i=1;$i<=5000;$i++) print "$i\n";\' | tr \'\n\' \' \'', $out, $status);
 } else {
-    exec($_ENV['TEST_PHP_EXECUTABLE'].' -n -r "for($i=1;$i<=5000;$i++) echo $i,\' \';"', $out, $status);
+    exec($_ENV['TEST_PHP_EXECUTABLE_ESCAPED'].' -n -r "for($i=1;$i<=5000;$i++) echo $i,\' \';"', $out, $status);
 }
 print_r($out);
 ?>

ext/standard/tests/file/bug26938.phpt

@@ -4,7 +4,7 @@ Bug #26938 (exec does not read consecutive long lines correctly)
 <?php
 $out = array();
 $status = -1;
-$php = getenv('TEST_PHP_EXECUTABLE');
+$php = getenv('TEST_PHP_EXECUTABLE_ESCAPED');
 if (substr(PHP_OS, 0, 3) != 'WIN') {
     exec($php . ' -n -r \''
          . '$lengths = array(10,20000,10000,5,10000,3);'

ext/standard/tests/file/bug60120.phpt

@@ -2,7 +2,7 @@
 Bug #60120 (proc_open hangs when data in stdin/out/err is getting larger or equal to 2048)
 --SKIPIF--
 <?php
-$php = getenv('TEST_PHP_EXECUTABLE');
+$php = getenv('TEST_PHP_EXECUTABLE_ESCAPED');
 if (!$php) {
     die("skip No php executable defined\n");
 }
@@ -12,11 +12,8 @@ if (!$php) {
 
 error_reporting(E_ALL);
 
-$php = getenv('TEST_PHP_EXECUTABLE');
-if (!$php) {
-    die("No php executable defined\n");
-}
-$cmd = 'php -r "fwrite(STDOUT, $in = file_get_contents(\'php://stdin\')); fwrite(STDERR, $in);"';
+$php = getenv('TEST_PHP_EXECUTABLE_ESCAPED');
+$cmd = $php . ' -r "fwrite(STDOUT, $in = file_get_contents(\'php://stdin\')); fwrite(STDERR, $in);"';
 $descriptors = array(array('pipe', 'r'), array('pipe', 'w'), array('pipe', 'w'));
 $stdin = str_repeat('*', 2049 );