-
Notifications
You must be signed in to change notification settings - Fork 30k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
src: make copies of startup environment variables #11051
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM with two suggestions
src/node.cc
Outdated
@@ -905,12 +905,21 @@ Local<Value> UVException(Isolate* isolate, | |||
|
|||
|
|||
// Look up environment variable unless running as setuid root. | |||
inline const char* secure_getenv(const char* key) { | |||
inline bool secure_getenv(const char* key, std::string* text) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We may want to rename this if it no longer matches the secure_getenv(3)
signature
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
node::SecureGetEnv()
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If you expose it in node_internal.h, I can drop 7c6a26e
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Renamed to SafeGetenv()
cuz less chars.
src/node.cc
Outdated
{ | ||
std::string text; | ||
config_preserve_symlinks = | ||
secure_getenv("NODE_PRESERVE_SYMLINKS", &text) && *text.c_str() == '1'; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: text[0] == '1'
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
(text.length() == 1 && text[0] == '1')
? Right now, it appears a value of ``10or
100` would also be accepted, in violation of the docs. Though maybe that's a bug for another PR?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'll update to text[0] == '1'
. I wrote it like this to keep it as close as possible to the logic it replaces.
Though maybe that's a bug for another PR?
Yes, I would say so. FWIW, it doesn't bother me personally.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is reasonable to avoid unintended changes in the env.
src/node.cc
Outdated
@@ -905,12 +905,21 @@ Local<Value> UVException(Isolate* isolate, | |||
|
|||
|
|||
// Look up environment variable unless running as setuid root. | |||
inline const char* secure_getenv(const char* key) { | |||
inline bool secure_getenv(const char* key, std::string* text) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
node::SecureGetEnv()
?
src/node.cc
Outdated
{ | ||
std::string text; | ||
config_preserve_symlinks = | ||
secure_getenv("NODE_PRESERVE_SYMLINKS", &text) && *text.c_str() == '1'; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
(text.length() == 1 && text[0] == '1')
? Right now, it appears a value of ``10or
100` would also be accepted, in violation of the docs. Though maybe that's a bug for another PR?
src/node.cc
Outdated
} | ||
// If the parameter isn't given, use the env variable. | ||
if (icu_data_dir.empty()) | ||
secure_getenv("NODE_ICU_DATA", &icu_data_dir); | ||
// Initialize ICU. | ||
// If icu_data_dir is nullptr here, it will load the 'minimal' data. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
can no longer be nullptr
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good point, updated.
src/node.cc
Outdated
@@ -905,12 +905,21 @@ Local<Value> UVException(Isolate* isolate, | |||
|
|||
|
|||
// Look up environment variable unless running as setuid root. | |||
inline const char* secure_getenv(const char* key) { | |||
inline bool secure_getenv(const char* key, std::string* text) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If you expose it in node_internal.h, I can drop 7c6a26e
ping @bnoordhuis |
Mutations of the environment can invalidate pointers to environment variables, so make `secure_getenv()` copy them out instead of returning pointers.
5c558d5
to
be42f90
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Updated, PTAL. CI: https://ci.nodejs.org/job/node-test-pull-request/6256/
src/node.cc
Outdated
@@ -905,12 +905,21 @@ Local<Value> UVException(Isolate* isolate, | |||
|
|||
|
|||
// Look up environment variable unless running as setuid root. | |||
inline const char* secure_getenv(const char* key) { | |||
inline bool secure_getenv(const char* key, std::string* text) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Renamed to SafeGetenv()
cuz less chars.
src/node.cc
Outdated
{ | ||
std::string text; | ||
config_preserve_symlinks = | ||
secure_getenv("NODE_PRESERVE_SYMLINKS", &text) && *text.c_str() == '1'; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'll update to text[0] == '1'
. I wrote it like this to keep it as close as possible to the logic it replaces.
Though maybe that's a bug for another PR?
Yes, I would say so. FWIW, it doesn't bother me personally.
src/node.cc
Outdated
} | ||
// If the parameter isn't given, use the env variable. | ||
if (icu_data_dir.empty()) | ||
secure_getenv("NODE_ICU_DATA", &icu_data_dir); | ||
// Initialize ICU. | ||
// If icu_data_dir is nullptr here, it will load the 'minimal' data. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good point, updated.
@sam-github I'll let you do that in your PR, it would look incongruous (unnecessary) in this one. Aside: if the use of std::string bothers anyone, I can replace it with a version that copies out to a plain char array (possibly with some mid-level template magic to infer array bounds - never do any work the compiler can do for you.) |
ping @sam-github |
Landed in a8734af |
Mutations of the environment can invalidate pointers to environment variables, so make `secure_getenv()` copy them out instead of returning pointers. PR-URL: #11051 Reviewed-By: Anna Henningsen <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Sam Roberts <[email protected]>
Zu schade, the commit log still mentions secure_getenv(). |
@@ -3741,7 +3750,7 @@ static void ParseArgs(int* argc, | |||
#endif /* HAVE_OPENSSL */ | |||
#if defined(NODE_HAVE_I18N_SUPPORT) | |||
} else if (strncmp(arg, "--icu-data-dir=", 15) == 0) { | |||
icu_data_dir = arg + 15; | |||
icu_data_dir.assign(arg, 15); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
When converting openssl_config
to std::string, I discovered this copies the first 15 chars of arg into target, it needs to be icu_data_dir.assign(arg + 15);
or something of the like. @srl295 Since tests pass, this means that this command line option has no test coverage.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ai, obvious bug in retrospect. #11255
Sorry, @bnoordhuis, I thought it would be helpful to land it since it was approved and had been waiting on me for several days, I won't do that again. I found a problem while rebasing #11006 onto master, PTAL. |
This is having conflicts when landing on |
@nodejs/ctc we need labels like |
Mutations of the environment can invalidate pointers to environment variables, so make `secure_getenv()` copy them out instead of returning pointers. PR-URL: nodejs#11051 Reviewed-By: Anna Henningsen <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Sam Roberts <[email protected]>
Mutations of the environment can invalidate pointers to environment variables, so make `secure_getenv()` copy them out instead of returning pointers. PR-URL: nodejs#11051 Reviewed-By: Anna Henningsen <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Sam Roberts <[email protected]>
Mutations of the environment can invalidate pointers to environment variables, so make `secure_getenv()` copy them out instead of returning pointers. PR-URL: #11051 Reviewed-By: Anna Henningsen <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Sam Roberts <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM after the fact
Mutations of the environment can invalidate pointers to environment variables, so make `secure_getenv()` copy them out instead of returning pointers. PR-URL: #11051 Reviewed-By: Anna Henningsen <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Sam Roberts <[email protected]>
Mutations of the environment can invalidate pointers to environment variables, so make `secure_getenv()` copy them out instead of returning pointers. PR-URL: nodejs#11051 Reviewed-By: Anna Henningsen <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Sam Roberts <[email protected]>
Needs a backport PR to land on v4 or v6 |
Mutations of the environment can invalidate pointers to environment variables, so make `secure_getenv()` copy them out instead of returning pointers. PR-URL: nodejs#11051 Reviewed-By: Anna Henningsen <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Sam Roberts <[email protected]>
Mutations of the environment can invalidate pointers to environment variables, so make `secure_getenv()` copy them out instead of returning pointers. PR-URL: #11051 Reviewed-By: Anna Henningsen <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Sam Roberts <[email protected]>
Mutations of the environment can invalidate pointers to environment variables, so make `secure_getenv()` copy them out instead of returning pointers. PR-URL: #11051 Reviewed-By: Anna Henningsen <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Sam Roberts <[email protected]>
Mutations of the environment can invalidate pointers to environment variables, so make `secure_getenv()` copy them out instead of returning pointers. PR-URL: nodejs/node#11051 Reviewed-By: Anna Henningsen <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Sam Roberts <[email protected]>
Mutations of the environment can invalidate pointers to environment variables, so make `secure_getenv()` copy them out instead of returning pointers. This is the part of nodejs#11051 that applies to nodejs@03e89b3
Mutations of the environment can invalidate pointers to environment variables, so make `secure_getenv()` copy them out instead of returning pointers. This is the part of nodejs#11051 that applies to be11fb4. This part wasn't backported to 6.x when nodejs#11051 was backported because the semver-minor introduction of NODE_REDIRECT_WARNINGS hadn't been backported yet. Now that the env var is backported, this last bit of nodejs#11051 is needed.
Mutations of the environment can invalidate pointers to environment variables, so make `secure_getenv()` copy them out instead of returning pointers. This is the part of #11051 that applies to be11fb4. This part wasn't backported to 6.x when #11051 was backported because the semver-minor introduction of NODE_REDIRECT_WARNINGS hadn't been backported yet. Now that the env var is backported, this last bit of #11051 is needed. PR-URL: #12677 Reviewed-By: Gibson Fahnestock <[email protected]> Reviewed-By: Michael Dawson <[email protected]>
Mutations of the environment can invalidate pointers to environment variables, so make `secure_getenv()` copy them out instead of returning pointers. This is the part of #11051 that applies to be11fb4. This part wasn't backported to 6.x when #11051 was backported because the semver-minor introduction of NODE_REDIRECT_WARNINGS hadn't been backported yet. Now that the env var is backported, this last bit of #11051 is needed. PR-URL: #12677 Reviewed-By: Gibson Fahnestock <[email protected]> Reviewed-By: Michael Dawson <[email protected]>
Mutations of the environment can invalidate pointers to environment
variables, so make
secure_getenv()
copy them out instead of returningpointers.
cc @sam-github
CI: https://ci.nodejs.org/job/node-test-pull-request/6087/