symfony
diff --git a/‎src/Symfony/Component/Process/ExecutableFinder.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Process/ExecutableFinder.php
+8-2Lines changed: 8 additions & 2 deletions b/‎src/Symfony/Component/Process/ExecutableFinder.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Process/ExecutableFinder.php
+8-2Lines changed: 8 additions & 2 deletions
diff --git a/‎src/Symfony/Component/Process/PhpExecutableFinder.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Process/PhpExecutableFinder.php
+10-6Lines changed: 10 additions & 6 deletions b/‎src/Symfony/Component/Process/PhpExecutableFinder.php
Copy file name to clipboardExpand all lines: src/Symfony/Component/Process/PhpExecutableFinder.php
+10-6Lines changed: 10 additions & 6 deletions
@@ -70,8 +70,14 @@ public function find(string $name, ?string $default = null, array $extraDirs = [
             }
         }
 
-        $command = '\\' === \DIRECTORY_SEPARATOR ? 'where' : 'command -v --';
-        if (\function_exists('exec') && ($executablePath = strtok(@exec($command.' '.escapeshellarg($name)), \PHP_EOL)) && @is_executable($executablePath)) {
+        if (!\function_exists('exec') || \strlen($name) !== strcspn($name, '/'.\DIRECTORY_SEPARATOR)) {
+            return $default;
+        }
+
+        $command = '\\' === \DIRECTORY_SEPARATOR ? 'where %s 2> NUL' : 'command -v -- %s';
+        $execResult = exec(\sprintf($command, escapeshellarg($name)));
+
+        if (($executablePath = substr($execResult, 0, strpos($execResult, \PHP_EOL) ?: null)) && @is_executable($executablePath)) {
             return $executablePath;
         }
 
 
@@ -35,12 +35,16 @@ public function find(bool $includeArgs = true)
     {
         if ($php = getenv('PHP_BINARY')) {
             if (!is_executable($php)) {
-                $command = '\\' === \DIRECTORY_SEPARATOR ? 'where' : 'command -v --';
-                if (\function_exists('exec') && $php = strtok(exec($command.' '.escapeshellarg($php)), \PHP_EOL)) {
-                    if (!is_executable($php)) {
-                        return false;
-                    }
-                } else {
+                if (!\function_exists('exec') || \strlen($php) !== strcspn($php, '/'.\DIRECTORY_SEPARATOR)) {
+                    return false;
+                }
+
+                $command = '\\' === \DIRECTORY_SEPARATOR ? 'where %s 2> NUL' : 'command -v -- %s';
+                $execResult = exec(\sprintf($command, escapeshellarg($php)));
+                if (!$php = substr($execResult, 0, strpos($execResult, \PHP_EOL) ?: null)) {
+                    return false;
+                }
+                if (!is_executable($php)) {
                     return false;
                 }
             }
Original file line number	Diff line number	Diff line change
`@@ -70,8 +70,14 @@ public function find(string $name, ?string $default = null, array $extraDirs = [`
`70`	`70`	`}`
`71`	`71`	`}`
`72`	`72`
`73`		`- $command = '\\' === \DIRECTORY_SEPARATOR ? 'where' : 'command -v --';`
`74`		`- if (\function_exists('exec') && ($executablePath = strtok(@exec($command.' '.escapeshellarg($name)), \PHP_EOL)) && @is_executable($executablePath)) {`
	`73`	`+ if (!\function_exists('exec') \|\| \strlen($name) !== strcspn($name, '/'.\DIRECTORY_SEPARATOR)) {`
	`74`	`+ return $default;`
	`75`	`+ }`
	`76`	`+`
	`77`	`+ $command = '\\' === \DIRECTORY_SEPARATOR ? 'where %s 2> NUL' : 'command -v -- %s';`
	`78`	`+ $execResult = exec(\sprintf($command, escapeshellarg($name)));`
	`79`	`+`
	`80`	`+ if (($executablePath = substr($execResult, 0, strpos($execResult, \PHP_EOL) ?: null)) && @is_executable($executablePath)) {`
`75`	`81`	`return $executablePath;`
`76`	`82`	`}`
`77`	`83`