Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

test: assume priv ports start at 1024 if it can't be changed #46536

Merged
merged 3 commits into from
Mar 2, 2023
Merged

test: assume priv ports start at 1024 if it can't be changed #46536

Changes from 1 commit
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
526eed0
test: assume priv ports start at 1024 if it can't be changed
Feb 7, 2023
a5017cf
Update to remove TOCTOU stat-then-open pattern
Feb 7, 2023
1f161a1
Previous update reverted old v18 method, now based on new v19
Feb 8, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Next Next commit
test: assume priv ports start at 1024 if it can't be changed 
An update to test/parallel/test-cluster-bind-privileged-port.js
checks the lowest privileged port to ensure 42 is privileged
This only works on kernels > 4.1. On older kernels, this is
locked at 1024 so the check is not needed.

Fixes: #45838
  • Loading branch information
Kevin Lentin committed Feb 7, 2023
commit 526eed0ed3250297bf8db4217a8d47f371a409d8
12 changes: 8 additions & 4 deletions test/parallel/test-cluster-bind-privileged-port.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,12 +24,16 @@ const common = require('../common');
const assert = require('assert');
const cluster = require('cluster');
const net = require('net');
const { readFileSync } = require('fs');
const { readFileSync, statSync } = require('fs');

if (common.isLinux) {
const unprivilegedPortStart = parseInt(readFileSync('/proc/sys/net/ipv4/ip_unprivileged_port_start'));
if (unprivilegedPortStart <= 42) {
common.skip('Port 42 is unprivileged');
const procFileName = '/proc/sys/net/ipv4/ip_unprivileged_port_start';
// Does not exist for Kernel < 4.1 where answer is 1024. So only test limit if limit exists
if (statSync(procFileName, { throwIfNoEntry: false })) {
const unprivilegedPortStart = parseInt(readFileSync(procFileName));
if (unprivilegedPortStart <= 42) {
common.skip('Port 42 is unprivileged');
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is a TOCTOU pattern. While mostly academic in this context, node users sometimes copy "best practices" from the test suite so I'd rather not merge this code as-is. Open the file and handle the error when it's not there.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Agreed. While the TOCTOU race condition can never occur here, your reasoning is all sound. I'll replace it with a try block. Just dislike empty catch blocks but we'll throw a comment in there.
Done.

}
}

Expand Down