Defect #38728


Correctly escape issue text in Gantt PNG export for ImageMagick convert

Added by Holger Just 3 months ago. Updated 4 days ago.

Target version:
Start date:
Due date:
% Done:


Estimated time:
Affected version:


According to, we need to quote the passed text and only escape the quote character and backslash with backslashes respectively. Redmine::Utils::Shell.shell_quote escapes the single quote for a wrong environment (namely a shell) which results in errors if an issue subject contains a single quote character.

The attached patch fixes this by using specific quoting/escaping for the ImageMagick convert command.

Note that the usual shell special characters (such as $, `, ...) do not need to be escaped here since the shellouts performed by MiniMagick are perfomed with Open3.popen3 which does not launch a shell but runs the command directly.


Related issues

Related to Redmine - Feature #30492: Replace RMagick with MiniMagickClosedGo MAEDA

Actions #1

Updated by Holger Just 3 months ago

To further explain this, when a ' character is included in an issue subject, right now, we would escape the generated command line argument to convert as follows (assuming the subjet is foo 'bar' baz

text 2,16 'foo '"'"'bar'"'"' baz'

This is a single argument (including the spaces). As explained, there are no surounding quotes around the command line argument as the command in not run through a shell by mini_magick but is directly passed to the command via Open3.popen3. Imagemagick performs some quote-parsing on its own to determine the single or double-quoted string as the last argument to a draw text rule.

However, due to the excessive escaping of the ' characters, imagemagick barfs as its parsing rules for the quoted string expects only only a single quoted string (with internal quotes of the same type escaped by \). This escaping rule as described in the above linked document is implemented by the patch. Thus, after the patch the same issue subject will result in the following command line argument:

text 2,16 'foo \'bar\' baz'
Actions #2

Updated by Go MAEDA 4 days ago

  • Tracker changed from Patch to Defect
  • Target version changed from Candidate for next minor release to 4.2.11
  • Affected version set to 4.1.0
Actions #3

Updated by Go MAEDA 4 days ago

Actions #4

Updated by Go MAEDA 4 days ago

  • Status changed from New to Closed
  • Assignee set to Go MAEDA
  • Resolution set to Fixed

Committed the fix. Thank you.


Also available in: Atom PDF