From d1d6cb7bc3a134cfd153ed7eb9fcdafa5c1fd193 Mon Sep 17 00:00:00 2001
From: Yuri Astrakhan <yurik@wikimedia.org>
Date: Tue, 22 Jul 2014 01:46:16 +0300
Subject: [PATCH] Allow wfShellExec() to use an array as a command prompt

Command line may now be given as an array, where each value
will be escaped and glued together with a space.

Change-Id: I9237ec1fccc60c0c4a360562db1c050a3be7e6a3
---
 includes/GlobalFunctions.php | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/includes/GlobalFunctions.php b/includes/GlobalFunctions.php
index fe12a078e2..6850734f33 100644
--- a/includes/GlobalFunctions.php
+++ b/includes/GlobalFunctions.php
@@ -2785,7 +2785,9 @@ function wfShellExecDisabled() {
  * Execute a shell command, with time and memory limits mirrored from the PHP
  * configuration if supported.
  *
- * @param string $cmd Command line, properly escaped for shell.
+ * @param string|string[] $cmd if string, a properly shell-escaped command line,
+ *   or an array of unescaped arguments, in which case each value will be escaped
+ *   Example:   [ 'convert', '-font', 'font name' ] would produce "'convert' '-font' 'font name'"
  * @param null|mixed &$retval Optional, will receive the program's exit code.
  *   (non-zero is usually failure). If there is an error from
  *   read, select, or proc_open(), this will be set to -1.
@@ -2834,6 +2836,15 @@ function wfShellExec( $cmd, &$retval = null, $environ = array(),
 			$envcmd .= "$k=" . escapeshellarg( $v ) . ' ';
 		}
 	}
+	if ( is_array( $cmd ) ) {
+		// Command line may be given as an array, escape each value and glue them together with a space
+		$cmdVals = array();
+		foreach ( $cmd as $val ) {
+			$cmdVals[] = wfEscapeShellArg( $val );
+		}
+		$cmd = implode( ' ', $cmdVals );
+	}
+
 	$cmd = $envcmd . $cmd;
 
 	$useLogPipe = false;
-- 
2.20.1