src: handle permissive extension on cmd check

PR-URL: nodejs-private/node-private#596
Backport-PR-URL: nodejs-private/node-private#603
CVE-ID: CVE-2024-36138

Author: RafaelGSS

Diff for: src/util-inl.h

@@ -27,6 +27,7 @@
 #include <cmath>
 #include <cstring>
 #include <locale>
+#include <regex>  // NOLINT(build/c++11)
 #include "node_revert.h"
 #include "util.h"
 
@@ -624,10 +625,20 @@ bool IsWindowsBatchFile(const char* filename) {
 #else
   static constexpr bool kIsWindows = false;
 #endif  // _WIN32
-  if (kIsWindows)
-    if (!IsReverted(SECURITY_REVERT_CVE_2024_27980))
-      if (const char* p = strrchr(filename, '.'))
-        return StringEqualNoCase(p, ".bat") || StringEqualNoCase(p, ".cmd");
+  if (kIsWindows && !IsReverted(SECURITY_REVERT_CVE_2024_27980)) {
+    std::string file_with_extension = filename;
+    // Regex to match the last extension part after the last dot, ignoring
+    // trailing spaces and dots
+    std::regex extension_regex(R"(\.([a-zA-Z0-9]+)\s*[\.\s]*$)");
+    std::smatch match;
+    std::string extension;
+
+    if (std::regex_search(file_with_extension, match, extension_regex)) {
+      extension = ToLower(match[1].str());
+    }
+
+    return !extension.empty() && (extension == "cmd" || extension == "bat");
+  }
   return false;
 }
 

Diff for: test/parallel/test-child-process-spawn-windows-batch-file.js

@@ -26,8 +26,8 @@ const expectedCode = isWindows && !isRevert ? 'EINVAL' : 'ENOENT';
 const expectedStatus = isWindows ? 1 : 127;
 
 const suffixes =
-    'BAT bAT BaT baT BAt bAt Bat bat CMD cMD CmD cmD CMd cMd Cmd cmd'
-    .split(' ');
+    'BAT|bAT|BaT|baT|BAt|bAt|Bat|bat|CMD|cMD|CmD|cmD|CMd|cMd|Cmd|cmd|cmd |cmd .|cmd ....'
+    .split('|');
 
 if (process.argv[2] === undefined) {
   const a = cp.spawnSync(process.execPath, [__filename, 'child']);