Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

src: check size of args before using for exec_path #45902

Merged
merged 1 commit into from
Dec 20, 2022

Conversation

awilfox
Copy link
Contributor

@awilfox awilfox commented Dec 18, 2022

If we are in an artifically created Environment that has no args set, and uv_exepath returns an error (for instance, if /proc is not mounted on a Linux system), then we crash with a nullptr deref attempting to use argv[0].

Fixes: #45901

This is already covered by multiple cctests as noted in the above issue, so I wasn't sure if an explicit test was needed. If so, I can add one.

@nodejs-github-bot nodejs-github-bot added c++ Issues and PRs that require attention from people who are familiar with C++. needs-ci PRs that need a full CI run. labels Dec 18, 2022
If we are in an artifically created Environment that has no args set,
and uv_exepath returns an error (for instance, if /proc is not mounted
on a Linux system), then we crash with a nullptr deref attempting to
use argv[0].

Fixes: nodejs#45901
@awilfox awilfox force-pushed the awilfox/fix/issue45901 branch from 8214cc1 to c218f7a Compare December 18, 2022 04:27
@addaleax addaleax added the request-ci Add this label to start a Jenkins CI on a PR. label Dec 18, 2022
@addaleax addaleax changed the title env: check size of args before using for exec_path src: check size of args before using for exec_path Dec 18, 2022
@github-actions github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label Dec 18, 2022
@nodejs-github-bot
Copy link
Collaborator

Copy link
Contributor

@cjihrig cjihrig left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thanks!

@addaleax addaleax added the author ready PRs that have at least one approval, no pending requests for changes, and a CI started. label Dec 20, 2022
@nodejs-github-bot
Copy link
Collaborator

@addaleax addaleax added the commit-queue Add this label to land a pull request using GitHub Actions. label Dec 20, 2022
@nodejs-github-bot nodejs-github-bot removed the commit-queue Add this label to land a pull request using GitHub Actions. label Dec 20, 2022
@nodejs-github-bot nodejs-github-bot merged commit 95200ba into nodejs:main Dec 20, 2022
@nodejs-github-bot
Copy link
Collaborator

Landed in 95200ba

targos pushed a commit that referenced this pull request Jan 1, 2023
If we are in an artifically created Environment that has no args set,
and uv_exepath returns an error (for instance, if /proc is not mounted
on a Linux system), then we crash with a nullptr deref attempting to
use argv[0].

Fixes: #45901
PR-URL: #45902
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: James M Snell <[email protected]>
@RafaelGSS RafaelGSS mentioned this pull request Jan 2, 2023
RafaelGSS pushed a commit that referenced this pull request Jan 4, 2023
If we are in an artifically created Environment that has no args set,
and uv_exepath returns an error (for instance, if /proc is not mounted
on a Linux system), then we crash with a nullptr deref attempting to
use argv[0].

Fixes: #45901
PR-URL: #45902
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: James M Snell <[email protected]>
RafaelGSS pushed a commit that referenced this pull request Jan 5, 2023
If we are in an artifically created Environment that has no args set,
and uv_exepath returns an error (for instance, if /proc is not mounted
on a Linux system), then we crash with a nullptr deref attempting to
use argv[0].

Fixes: #45901
PR-URL: #45902
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: James M Snell <[email protected]>
juanarbol pushed a commit that referenced this pull request Jan 26, 2023
If we are in an artifically created Environment that has no args set,
and uv_exepath returns an error (for instance, if /proc is not mounted
on a Linux system), then we crash with a nullptr deref attempting to
use argv[0].

Fixes: #45901
PR-URL: #45902
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: James M Snell <[email protected]>
@juanarbol juanarbol mentioned this pull request Jan 28, 2023
juanarbol pushed a commit that referenced this pull request Jan 31, 2023
If we are in an artifically created Environment that has no args set,
and uv_exepath returns an error (for instance, if /proc is not mounted
on a Linux system), then we crash with a nullptr deref attempting to
use argv[0].

Fixes: #45901
PR-URL: #45902
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: James M Snell <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
author ready PRs that have at least one approval, no pending requests for changes, and a CI started. c++ Issues and PRs that require attention from people who are familiar with C++. needs-ci PRs that need a full CI run.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

EnvironmentTest crashes when /proc is unavailable
5 participants