batch file eats cpu and RAM using only echo ^?

windows memory-leaks cmd.exe

tldr: ran a batch file with only 1 line in it: echo ^ . This file eats 70-100% of one core and approx. 1k RAM a second...???

While answering this question, I came across some odd behavior in Windows batch files.

I was having some batch file fun to show the OP that you could have a ^ at the end of a line in a batch file for line continuation, example:

file test.bat:

echo How are ^
you today ^
my good fellow

Would output: How are you today my good fellow

I was curious if the command prompt would display a More? from the batch file similar to the command prompt if you just had a line like so in a batch file: echo Do you want some ^

If you did that on the command line it would display More? (as for more input):

C:\>echo Do you want some ^
More?

However, I tried this line (having ONLY this line) in a batch file and some unexplainable behavior happened, so I played around with the script to find that the only time this happens is when an echo statement is the last line and the ^ is the last character of the batch file.

A quick file to reproduce:

file test.bat:

echo ^

Running that batch file on my 64-bit Windows 7 machine ate up 70-100% of one of my cores and would eat roughly 1k of memory every second!!

Running this file also ignored all input (except CTRL+ key presses to end it), though after the file ended the input was still flushed to the console:

C:\>test.bat
(nothing is happening here except CPU/RAM eating)
(I would proceed to type something like "HELLO")
CTRL+C (script ends)
C:\>HELLO
'HELLO' is not recognized an internal .....

My 'search-foo' (Stack Oveflow, Stack Exchange, MSDN, Google and Bing) turned up no results that could explain this odd behavior in a batch file (only what the ^ does on command line and batch files); I would think that if the only line in a batch file was echo ^ it would just end the script and not run until I CTRL+C out of it?

Has any one else noticed this behavior or could explain what might cause this? As well could that lead to any possible avenues of attack on a system?

It's not a major issue (I don't have any batch files that end in echo ^) but it struck me as very peculiar that 1 line of batch results in 1k/s??

(Side note: I'm going to try this same situation out through some programming languages [.NET, Java and C/C++] and some web scripts (JS maybe?) to see what happens as a result)


As it turns out, this is actually a bug in how the command line (more specifically cmd.exe) parses batch files and could lead to a quick denial of service type attack; putting the following line in a batch file (with no new lines) will consume massive amounts of memory very quickly due to this bug (as an example):

^ nul<^

Long story short, when a caret is at the end of the file, the actual end of file is 'ignored' and the file handle 'reset' to 0 (essentially) so that the batch is parsed again (ad infinitum).

Related

How to use different proxy for different address?
How to solve "command not found" on Ubuntu bash shell?
Open file in editor with a single click in Webstorm?
Caching YouTube videos across loads
Transform Fixed Width to CSV?
Windows detected a hard disk p⁣roblem — what should I do?
Can we show that the CDF of the Poisson distribution with mean $\lambda$ is decreasing in $\lambda$?
The jacobson radical of a ring $R$ contains no idempotents other than $0$. [closed]
Smoothness of discrete data
countably locally finite covers
Symmetric matrix with positive entries being invertible?
Showing that these two sets of linear transformations are same.