Skip to content

permission: v8.writeHeapSnapshot and process.report#48564

Merged
nodejs-github-bot merged 2 commits intonodejs:mainfrom
RafaelGSS:handle-write-report
Jul 4, 2023
Merged

permission: v8.writeHeapSnapshot and process.report#48564
nodejs-github-bot merged 2 commits intonodejs:mainfrom
RafaelGSS:handle-write-report

Conversation

@RafaelGSS
Copy link
Member

@RafaelGSS RafaelGSS commented Jun 26, 2023
edited
Loading

Even though the permission model, for now, doesn't handle other scopes than the node:fs module. Adding this validation on common write operations seems reasonable.

Co-Authored-By: @Haxatron

cc: @nodejs/security-wg

@nodejs-github-bot nodejs-github-bot added c++ Issues and PRs that require attention from people who are familiar with C++. lib / src Issues and PRs related to general changes in the lib or src directory. needs-ci PRs that need a full CI run. labels Jun 26, 2023
@RafaelGSS RafaelGSS force-pushed the handle-write-report branch from ec61426 to 0291784 Compare June 26, 2023 20:05
@RafaelGSS RafaelGSS added the request-ci Add this label to start a Jenkins CI on a PR. label Jun 27, 2023
@github-actions github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label Jun 27, 2023
@nodejs-github-bot
Copy link
Collaborator

nodejs-github-bot commented Jun 27, 2023

CI: https://ci.nodejs.org/job/node-test-pull-request/52502/

@nodejs-github-bot
Copy link
Collaborator

nodejs-github-bot commented Jun 27, 2023

CI: https://ci.nodejs.org/job/node-test-pull-request/52512/

@RafaelGSS RafaelGSS added the request-ci Add this label to start a Jenkins CI on a PR. label Jun 27, 2023
@RafaelGSS RafaelGSS force-pushed the handle-write-report branch from 0291784 to 635e2b2 Compare June 27, 2023 14:35
@github-actions github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label Jun 27, 2023
@nodejs-github-bot
Copy link
Collaborator

nodejs-github-bot commented Jun 27, 2023

CI: https://ci.nodejs.org/job/node-test-pull-request/52516/

@github-actions github-actions bot mentioned this pull request Jun 28, 2023
Open
36 tasks
@nodejs-github-bot
Copy link
Collaborator

nodejs-github-bot commented Jun 28, 2023

CI: https://ci.nodejs.org/job/node-test-pull-request/52535/

joyeecheung
joyeecheung reviewed Jun 28, 2023
View reviewed changes
This was referenced Jun 29, 2023
Open
Open
@RafaelGSS @Haxatron
permission: v8.writeHeapSnapshot and process.report
972c92b 
Co-Authored-By: haxatron <haxatron1@gmail.com>
Signed-off-by: RafaelGSS <rafael.nunu@hotmail.com>
@RafaelGSS RafaelGSS force-pushed the handle-write-report branch from 635e2b2 to 972c92b Compare June 30, 2023 15:00
@RafaelGSS RafaelGSS requested a review from joyeecheung June 30, 2023 15:02
RafaelGSS
RafaelGSS commented Jun 30, 2023
View reviewed changes
src/node_report.cc
filename = *DiagnosticFilename(
env != nullptr ? env->thread_id() : 0, "report", "json");
}
if (env != nullptr) {
Copy link
Member Author

@RafaelGSS RafaelGSS Jun 30, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not entirely sure about when the env is null. Would that happen only when OOM or another crash reporter happens? If so, what would be the best way to throw an exception here?

Maybe @gireeshpunathil has some thoughts on this?

@RafaelGSS RafaelGSS added the request-ci Add this label to start a Jenkins CI on a PR. label Jun 30, 2023
@github-actions github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label Jun 30, 2023
@nodejs-github-bot
Copy link
Collaborator

nodejs-github-bot commented Jun 30, 2023

CI: https://ci.nodejs.org/job/node-test-pull-request/52573/

@nodejs-github-bot
Copy link
Collaborator

nodejs-github-bot commented Jun 30, 2023

CI: https://ci.nodejs.org/job/node-test-pull-request/52574/

This was referenced Jul 1, 2023
Open
Open
Open
Open
ShogunPanda
ShogunPanda approved these changes Jul 4, 2023
View reviewed changes
Copy link
Contributor

@ShogunPanda ShogunPanda left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Other than your own comment, LGTM

@RafaelGSS RafaelGSS added the commit-queue Add this label to land a pull request using GitHub Actions. label Jul 4, 2023
@nodejs-github-bot nodejs-github-bot removed the commit-queue Add this label to land a pull request using GitHub Actions. label Jul 4, 2023
@nodejs-github-bot nodejs-github-bot merged commit 74c2d9c into nodejs:main Jul 4, 2023
@nodejs-github-bot
Copy link
Collaborator

nodejs-github-bot commented Jul 4, 2023

Landed in 74c2d9c

@tniessen
Copy link
Member

tniessen commented Jul 4, 2023

FWIW, the commit message does not adhere to the guidelines.

@RafaelGSS
Copy link
Member Author

RafaelGSS commented Jul 4, 2023

FWIW, the commit message does not adhere to the guidelines.

What's missing?

@github-actions github-actions bot mentioned this pull request Jul 5, 2023
Open
20 tasks
@tniessen
Copy link
Member

tniessen commented Jul 5, 2023

An imperative verb after the subsystem :)

@targos
Copy link
Member

targos commented Jul 5, 2023

And in general, the commit message doesn't make much sense. It's impossible (at least for me) to understand what the commit does without looking at the diff.

This was referenced Jul 6, 2023
Open
Open
Open
Open
juanarbol pushed a commit that referenced this pull request Jul 13, 2023
@RafaelGSS @Haxatron @juanarbol
permission: v8.writeHeapSnapshot and process.report
f4333b1 
Co-Authored-By: haxatron <haxatron1@gmail.com>
Signed-off-by: RafaelGSS <rafael.nunu@hotmail.com>
PR-URL: #48564
Reviewed-By: Paolo Insogna <paolo@cowtech.it>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
@juanarbol juanarbol mentioned this pull request Jul 13, 2023
Merged
@tniessen tniessen added the permission Issues and PRs related to the Permission Model label Aug 10, 2023
Ceres6 pushed a commit to Ceres6/node that referenced this pull request Aug 14, 2023
@RafaelGSS @Haxatron @Ceres6
permission: v8.writeHeapSnapshot and process.report
4f8badc 
Co-Authored-By: haxatron <haxatron1@gmail.com>
Signed-off-by: RafaelGSS <rafael.nunu@hotmail.com>
PR-URL: nodejs#48564
Reviewed-By: Paolo Insogna <paolo@cowtech.it>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Ceres6 pushed a commit to Ceres6/node that referenced this pull request Aug 14, 2023
@RafaelGSS @Haxatron @Ceres6
permission: v8.writeHeapSnapshot and process.report
679accc 
Co-Authored-By: haxatron <haxatron1@gmail.com>
Signed-off-by: RafaelGSS <rafael.nunu@hotmail.com>
PR-URL: nodejs#48564
Reviewed-By: Paolo Insogna <paolo@cowtech.it>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
@ruyadorno
Copy link
Member

ruyadorno commented Sep 11, 2023

@RafaelGSS corret me if I'm wrong but I don't believe the permission system is on v18.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ShogunPanda ShogunPanda ShogunPanda approved these changes

@marco-ippolito marco-ippolito marco-ippolito approved these changes

@joyeecheung joyeecheung Awaiting requested review from joyeecheung

Assignees

No one assigned

Labels

c++ Issues and PRs that require attention from people who are familiar with C++. lib / src Issues and PRs related to general changes in the lib or src directory. needs-ci PRs that need a full CI run. permission Issues and PRs related to the Permission Model

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

8 participants

@RafaelGSS @nodejs-github-bot @tniessen @targos @ruyadorno @ShogunPanda @joyeecheung @marco-ippolito