src: make copies of startup environment variables #11051
Conversation
nodejs-github-bot
added
c++
src/node.cc
Outdated
| @@ -905,12 +905,21 @@ Local<Value> UVException(Isolate* isolate, | |||
|
|
|||
|
|
|||
| // Look up environment variable unless running as setuid root. | |||
| inline const char* secure_getenv(const char* key) { | |||
| inline bool secure_getenv(const char* key, std::string* text) { | |||
There was a problem hiding this comment.
We may want to rename this if it no longer matches the secure_getenv(3) signature
There was a problem hiding this comment.
If you expose it in node_internal.h, I can drop 7c6a26e
There was a problem hiding this comment.
Renamed to SafeGetenv() cuz less chars.
src/node.cc
Outdated
| { | ||
| std::string text; | ||
| config_preserve_symlinks = | ||
| secure_getenv("NODE_PRESERVE_SYMLINKS", &text) && *text.c_str() == '1'; |
There was a problem hiding this comment.
(text.length() == 1 && text[0] == '1')? Right now, it appears a value of ``10or100` would also be accepted, in violation of the docs. Though maybe that's a bug for another PR?
There was a problem hiding this comment.
I'll update to text[0] == '1'. I wrote it like this to keep it as close as possible to the logic it replaces.
Though maybe that's a bug for another PR?
Yes, I would say so. FWIW, it doesn't bother me personally.
src/node.cc
Outdated
| @@ -905,12 +905,21 @@ Local<Value> UVException(Isolate* isolate, | |||
|
|
|||
|
|
|||
| // Look up environment variable unless running as setuid root. | |||
| inline const char* secure_getenv(const char* key) { | |||
| inline bool secure_getenv(const char* key, std::string* text) { | |||
src/node.cc
Outdated
| { | ||
| std::string text; | ||
| config_preserve_symlinks = | ||
| secure_getenv("NODE_PRESERVE_SYMLINKS", &text) && *text.c_str() == '1'; |
There was a problem hiding this comment.
(text.length() == 1 && text[0] == '1')? Right now, it appears a value of ``10or100` would also be accepted, in violation of the docs. Though maybe that's a bug for another PR?
src/node.cc
Outdated
| } | ||
| // If the parameter isn't given, use the env variable. | ||
| if (icu_data_dir.empty()) | ||
| secure_getenv("NODE_ICU_DATA", &icu_data_dir); | ||
| // Initialize ICU. | ||
| // If icu_data_dir is nullptr here, it will load the 'minimal' data. |
There was a problem hiding this comment.
can no longer be nullptr
src/node.cc
Outdated
| @@ -905,12 +905,21 @@ Local<Value> UVException(Isolate* isolate, | |||
|
|
|||
|
|
|||
| // Look up environment variable unless running as setuid root. | |||
| inline const char* secure_getenv(const char* key) { | |||
| inline bool secure_getenv(const char* key, std::string* text) { | |||
There was a problem hiding this comment.
If you expose it in node_internal.h, I can drop 7c6a26e
|
ping @bnoordhuis |
Mutations of the environment can invalidate pointers to environment variables, so make `secure_getenv()` copy them out instead of returning pointers.
bnoordhuis
force-pushed
the
secure-getenv
branch
from
5c558d5
to
be42f90
Compare
There was a problem hiding this comment.
Updated, PTAL. CI: https://ci.nodejs.org/job/node-test-pull-request/6256/
src/node.cc
Outdated
| @@ -905,12 +905,21 @@ Local<Value> UVException(Isolate* isolate, | |||
|
|
|||
|
|
|||
| // Look up environment variable unless running as setuid root. | |||
| inline const char* secure_getenv(const char* key) { | |||
| inline bool secure_getenv(const char* key, std::string* text) { | |||
There was a problem hiding this comment.
Renamed to SafeGetenv() cuz less chars.
src/node.cc
Outdated
| { | ||
| std::string text; | ||
| config_preserve_symlinks = | ||
| secure_getenv("NODE_PRESERVE_SYMLINKS", &text) && *text.c_str() == '1'; |
There was a problem hiding this comment.
I'll update to text[0] == '1'. I wrote it like this to keep it as close as possible to the logic it replaces.
Though maybe that's a bug for another PR?
Yes, I would say so. FWIW, it doesn't bother me personally.
src/node.cc
Outdated
| } | ||
| // If the parameter isn't given, use the env variable. | ||
| if (icu_data_dir.empty()) | ||
| secure_getenv("NODE_ICU_DATA", &icu_data_dir); | ||
| // Initialize ICU. | ||
| // If icu_data_dir is nullptr here, it will load the 'minimal' data. |
@sam-github I'll let you do that in your PR, it would look incongruous (unnecessary) in this one. Aside: if the use of std::string bothers anyone, I can replace it with a version that copies out to a plain char array (possibly with some mid-level template magic to infer array bounds - never do any work the compiler can do for you.) |
|
ping @sam-github |
|
Landed in a8734af |
Mutations of the environment can invalidate pointers to environment variables, so make `secure_getenv()` copy them out instead of returning pointers. PR-URL: #11051 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
|
Zu schade, the commit log still mentions secure_getenv(). |
| @@ -3741,7 +3750,7 @@ static void ParseArgs(int* argc, | |||
| #endif /* HAVE_OPENSSL */ | |||
| #if defined(NODE_HAVE_I18N_SUPPORT) | |||
| } else if (strncmp(arg, "--icu-data-dir=", 15) == 0) { | |||
| icu_data_dir = arg + 15; | |||
| icu_data_dir.assign(arg, 15); | |||
There was a problem hiding this comment.
When converting openssl_config to std::string, I discovered this copies the first 15 chars of arg into target, it needs to be icu_data_dir.assign(arg + 15); or something of the like. @srl295 Since tests pass, this means that this command line option has no test coverage.
There was a problem hiding this comment.
Ai, obvious bug in retrospect. #11255
|
Sorry, @bnoordhuis, I thought it would be helpful to land it since it was approved and had been waiting on me for several days, I won't do that again. I found a problem while rebasing #11006 onto master, PTAL. |
|
This is having conflicts when landing on |
|
@nodejs/ctc we need labels like |
Mutations of the environment can invalidate pointers to environment variables, so make `secure_getenv()` copy them out instead of returning pointers. PR-URL: nodejs#11051 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Mutations of the environment can invalidate pointers to environment variables, so make `secure_getenv()` copy them out instead of returning pointers. PR-URL: nodejs#11051 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Mutations of the environment can invalidate pointers to environment variables, so make `secure_getenv()` copy them out instead of returning pointers. PR-URL: #11051 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Mutations of the environment can invalidate pointers to environment variables, so make `secure_getenv()` copy them out instead of returning pointers. PR-URL: #11051 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Mutations of the environment can invalidate pointers to environment variables, so make `secure_getenv()` copy them out instead of returning pointers. PR-URL: nodejs#11051 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
|
Needs a backport PR to land on v4 or v6 |
Mutations of the environment can invalidate pointers to environment variables, so make `secure_getenv()` copy them out instead of returning pointers. PR-URL: nodejs#11051 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Mutations of the environment can invalidate pointers to environment variables, so make `secure_getenv()` copy them out instead of returning pointers. PR-URL: #11051 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Mutations of the environment can invalidate pointers to environment variables, so make `secure_getenv()` copy them out instead of returning pointers. PR-URL: #11051 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Mutations of the environment can invalidate pointers to environment variables, so make `secure_getenv()` copy them out instead of returning pointers. PR-URL: nodejs/node#11051 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Mutations of the environment can invalidate pointers to environment variables, so make `secure_getenv()` copy them out instead of returning pointers. This is the part of nodejs#11051 that applies to nodejs@03e89b3
Mutations of the environment can invalidate pointers to environment variables, so make `secure_getenv()` copy them out instead of returning pointers. This is the part of nodejs#11051 that applies to be11fb4. This part wasn't backported to 6.x when nodejs#11051 was backported because the semver-minor introduction of NODE_REDIRECT_WARNINGS hadn't been backported yet. Now that the env var is backported, this last bit of nodejs#11051 is needed.
Mutations of the environment can invalidate pointers to environment variables, so make `secure_getenv()` copy them out instead of returning pointers. This is the part of #11051 that applies to be11fb4. This part wasn't backported to 6.x when #11051 was backported because the semver-minor introduction of NODE_REDIRECT_WARNINGS hadn't been backported yet. Now that the env var is backported, this last bit of #11051 is needed. PR-URL: #12677 Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com> Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Mutations of the environment can invalidate pointers to environment variables, so make `secure_getenv()` copy them out instead of returning pointers. This is the part of #11051 that applies to be11fb4. This part wasn't backported to 6.x when #11051 was backported because the semver-minor introduction of NODE_REDIRECT_WARNINGS hadn't been backported yet. Now that the env var is backported, this last bit of #11051 is needed. PR-URL: #12677 Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com> Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Mutations of the environment can invalidate pointers to environment
variables, so make
secure_getenv()copy them out instead of returningpointers.
cc @sam-github
CI: https://ci.nodejs.org/job/node-test-pull-request/6087/