NSIS: Quote uninstaller path when executing it in a shell

Protect our `$0` reference in the shell as `"$0"`.  Otherwise it works
with a space in the path only due to an insecure Windows feature.

Prior to this fix, any installer using the option added by commit
v2.8.9~234^2 (Added CPACK_NSIS_ENABLE_UNINSTALL_BEFORE_INSTALL,
2011-06-11) exposes a local privilege escalation vulnerability.

Reported-by: Amir Szekely <[email protected]>
Reported-by: Ug_0 Security

Help/release/3.6.rst

@@ -308,3 +308,9 @@ Other Changes
   preferred future use is upper cased component names in variables.
   New variables that will be added to CPackRPM in later versions
   will only support upper cased component variable format.
+
+* The CPack NSIS generator's configuration file template was fixed to
+  quote the path to the uninstaller tool used by the
+  :variable:`CPACK_NSIS_ENABLE_UNINSTALL_BEFORE_INSTALL` option.
+  This avoids depending on an insecure Windows feature to run an
+  uninstaller tool with a space in the path.

Modules/NSIS.template.in

@@ -920,7 +920,7 @@ uninst:
   ClearErrors
   StrLen $2 "\Uninstall.exe"
   StrCpy $3 $0 -$2 # remove "\Uninstall.exe" from UninstallString to get path
-  ExecWait '$0 _?=$3' ;Do not copy the uninstaller to a temp file
+  ExecWait '"$0" _?=$3' ;Do not copy the uninstaller to a temp file
 
   IfErrors uninst_failed inst
 uninst_failed: