-
Notifications
You must be signed in to change notification settings - Fork 29.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
child_process: fix handling of incorrect uid/gid in spawn #22574
Conversation
uid/gid must be uint32, which is asserted on a c++ side but wasn't checked on a JS side and therefore resulted in a process crash. Refs: nodejs#22570
lib/child_process.js
Outdated
if (options.uid != null && !Number.isInteger(options.uid)) { | ||
throw new ERR_INVALID_ARG_TYPE('options.uid', 'integer', options.uid); | ||
if (options.uid != null && | ||
(!Number.isInteger(options.uid) || !isUint32(options.uid))) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Is the Number.isInteger()
check still needed? Also, don't we want int32 checks to match the C++ checks?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It will look kind of strange (especially if it's an object: {} >>> 1 and {} | 0) but I guess it is redundant.
I actually thought maybe it's worth changing them too, though I don't have enough knowledge of the topic. Linux usage and googling tell me that uid/gid must be non-negative, though maybe some of the systems we support actually support negative uid/gid. Therefore I'd also like some input on this.
In the end, I can always change those to isint32 and a topic of changing them to uint checks may be resolved in a separate PR.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
After some more googling OpenBSD seem to use -2 as internal "nobody" still.
For now, I'll change it to Int32 and we can discuss this later.
Landed in 22789fd |
uid/gid must be uint32, which is asserted on a c++ side but wasn't checked on a JS side and therefore resulted in a process crash. Refs: #22570 PR-URL: #22574 Reviewed-By: Anna Henningsen <[email protected]> Reviewed-By: Weijia Wang <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Ruben Bridgewater <[email protected]> Reviewed-By: Trivikram Kamat <[email protected]>
uid/gid must be uint32, which is asserted on a c++ side but wasn't checked on a JS side and therefore resulted in a process crash. Refs: #22570 PR-URL: #22574 Reviewed-By: Anna Henningsen <[email protected]> Reviewed-By: Weijia Wang <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Ruben Bridgewater <[email protected]> Reviewed-By: Trivikram Kamat <[email protected]>
uid/gid must be uint32, which is asserted on a c++ side but wasn't checked on a JS side and therefore resulted in a process crash. Refs: #22570 PR-URL: #22574 Reviewed-By: Anna Henningsen <[email protected]> Reviewed-By: Weijia Wang <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Ruben Bridgewater <[email protected]> Reviewed-By: Trivikram Kamat <[email protected]>
uid/gid must be uint32, which is asserted on a c++ side but wasn't checked on a JS side and therefore resulted in a process crash. Refs: #22570 PR-URL: #22574 Reviewed-By: Anna Henningsen <[email protected]> Reviewed-By: Weijia Wang <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Ruben Bridgewater <[email protected]> Reviewed-By: Trivikram Kamat <[email protected]>
uid/gid must be int32, which is asserted on a c++ side but wasn't
checked on a JS side and therefore resulted in a process crash.
Refs: #22570
Checklist
make -j4 test
(UNIX), orvcbuild test
(Windows) passesAlso, I'm not sure about the 'correct type' in TypeError, is 'int32' okay?