Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

src: fix spawnSync CHECK when SIGKILL fails #31768

Closed
wants to merge 1 commit into from
Closed

src: fix spawnSync CHECK when SIGKILL fails #31768

wants to merge 1 commit into from

Conversation

bnoordhuis
Copy link
Member

We might not have sufficient privileges to signal the child process
so don't make assumptions about the return value of uv_process_kill().

Example:

node -e 'child_process.spawnSync("sudo", ["ls"], { maxBuffer: 1 })'

No test because:

  1. The test needs to run as root (can't invoke sudo), and

  2. The parent needs to drop privileges but can't, because
    then the child process won't have sufficient privileges.

Fixes: #31747

@bnoordhuis
src: fix spawnSync CHECK when SIGKILL fails
7bd387a 
We might not have sufficient privileges to signal the child process
so don't make assumptions about the return value of `uv_process_kill()`.

Example:

    node -e 'child_process.spawnSync("sudo", ["ls"], { maxBuffer: 1 })'

No test because:

1. The test needs to run as root (can't invoke sudo), and

2. The parent needs to drop privileges but can't, because
   then the child process won't have sufficient privileges.

Fixes: nodejs#31747
@nodejs-github-bot nodejs-github-bot added c++ Issues and PRs that require attention from people who are familiar with C++. child_process Issues and PRs related to the child_process subsystem. labels Feb 13, 2020
@bnoordhuis bnoordhuis mentioned this pull request Feb 13, 2020
Closed
@bnoordhuis bnoordhuis added the author ready PRs that have at least one approval, no pending requests for changes, and a CI started. label Feb 15, 2020
@nodejs-github-bot
Copy link
Collaborator

CI: https://ci.nodejs.org/job/node-test-pull-request/29649/

@nodejs-github-bot
Copy link
Collaborator

CI: https://ci.nodejs.org/job/node-test-pull-request/29739/

addaleax pushed a commit that referenced this pull request Mar 11, 2020
@bnoordhuis @addaleax
src: fix spawnSync CHECK when SIGKILL fails
d09e1da 
We might not have sufficient privileges to signal the child process
so don't make assumptions about the return value of `uv_process_kill()`.

Example:

    node -e 'child_process.spawnSync("sudo", ["ls"], { maxBuffer: 1 })'

No test because:

1. The test needs to run as root (can't invoke sudo), and

2. The parent needs to drop privileges but can't, because
   then the child process won't have sufficient privileges.

Fixes: #31747

PR-URL: #31768
Reviewed-By: Santiago Gimeno <santiago.gimeno@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: David Carlier <devnexen@gmail.com>
@addaleax
Copy link
Member

Landed in d09e1da

@addaleax addaleax closed this Mar 11, 2020
MylesBorins pushed a commit that referenced this pull request Mar 11, 2020
@bnoordhuis @MylesBorins
src: fix spawnSync CHECK when SIGKILL fails
025f658 
We might not have sufficient privileges to signal the child process
so don't make assumptions about the return value of `uv_process_kill()`.

Example:

    node -e 'child_process.spawnSync("sudo", ["ls"], { maxBuffer: 1 })'

No test because:

1. The test needs to run as root (can't invoke sudo), and

2. The parent needs to drop privileges but can't, because
   then the child process won't have sufficient privileges.

Fixes: #31747

PR-URL: #31768
Reviewed-By: Santiago Gimeno <santiago.gimeno@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: David Carlier <devnexen@gmail.com>
@MylesBorins MylesBorins mentioned this pull request Mar 12, 2020
Merged
targos pushed a commit that referenced this pull request Apr 22, 2020
@bnoordhuis @targos
src: fix spawnSync CHECK when SIGKILL fails
f223d2c 
We might not have sufficient privileges to signal the child process
so don't make assumptions about the return value of `uv_process_kill()`.

Example:

    node -e 'child_process.spawnSync("sudo", ["ls"], { maxBuffer: 1 })'

No test because:

1. The test needs to run as root (can't invoke sudo), and

2. The parent needs to drop privileges but can't, because
   then the child process won't have sufficient privileges.

Fixes: #31747

PR-URL: #31768
Reviewed-By: Santiago Gimeno <santiago.gimeno@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: David Carlier <devnexen@gmail.com>
@targos targos mentioned this pull request Apr 22, 2020
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jasnell jasnell jasnell approved these changes

@addaleax addaleax addaleax approved these changes

@santigimeno santigimeno santigimeno approved these changes

@cjihrig cjihrig cjihrig approved these changes

@devnexen devnexen devnexen approved these changes

Assignees
No one assigned
Labels
author ready PRs that have at least one approval, no pending requests for changes, and a CI started. c++ Issues and PRs that require attention from people who are familiar with C++. child_process Issues and PRs related to the child_process subsystem.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

child_process: spawnSync crashes trying to terminate setuid child because of maxBuffer exceeded
7 participants
@bnoordhuis @nodejs-github-bot @addaleax @jasnell @santigimeno @cjihrig @devnexen