src: ensure that file descriptors 0-2 are valid #875
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Closed
|
LGTM |
|
This looks good to me, though it definitely doesn't fix #831 |
|
Agreed, but it does fix something in that it makes io.js a little more robust and secure. BTW, CI: https://jenkins-iojs.nodesource.com/view/iojs/job/iojs+any-pr+multi/178/ |
PR-URL: nodejs#875 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Vladimir Kurchatkin <vladimir.kurchatkin@gmail.com>
Check that stdin, stdout and stderr map to open file descriptors and remap them to /dev/null if that isn't the case. Protects against information leaks or worse when io.js is started with closed stdio file descriptors. PR-URL: nodejs#875 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Vladimir Kurchatkin <vladimir.kurchatkin@gmail.com>
bnoordhuis
force-pushed
the
check-stdio-fds
branch
from
5278a6f
to
b5f25a9
Compare
3 tasks
addaleax
pushed a commit
that referenced
this pull request
Mar 20, 2017
Check that stdin, stdout and stderr are valid file descriptors on Windows. If not, reopen them with 'nul' file. Refs: #875 Fixes: #11656 PR-URL: #11863 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net>
jungx098
pushed a commit
to jungx098/node
that referenced
this pull request
Mar 21, 2017
Check that stdin, stdout and stderr are valid file descriptors on Windows. If not, reopen them with 'nul' file. Refs: nodejs#875 Fixes: nodejs#11656 PR-URL: nodejs#11863 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net>
MylesBorins
pushed a commit
that referenced
this pull request
Mar 28, 2017
Check that stdin, stdout and stderr are valid file descriptors on Windows. If not, reopen them with 'nul' file. Refs: #875 Fixes: #11656 PR-URL: #11863 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net>
MylesBorins
pushed a commit
that referenced
this pull request
Apr 18, 2017
Check that stdin, stdout and stderr are valid file descriptors on Windows. If not, reopen them with 'nul' file. Refs: #875 Fixes: #11656 PR-URL: #11863 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net>
MylesBorins
pushed a commit
that referenced
this pull request
Apr 18, 2017
Check that stdin, stdout and stderr are valid file descriptors on Windows. If not, reopen them with 'nul' file. Refs: #875 Fixes: #11656 PR-URL: #11863 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net>
MylesBorins
pushed a commit
that referenced
this pull request
Apr 19, 2017
Check that stdin, stdout and stderr are valid file descriptors on Windows. If not, reopen them with 'nul' file. Refs: #875 Fixes: #11656 PR-URL: #11863 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net>
MylesBorins
pushed a commit
that referenced
this pull request
Apr 19, 2017
Check that stdin, stdout and stderr are valid file descriptors on Windows. If not, reopen them with 'nul' file. Refs: #875 Fixes: #11656 PR-URL: #11863 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net>
andrew749
pushed a commit
to michielbaird/node
that referenced
this pull request
Jul 19, 2017
Check that stdin, stdout and stderr are valid file descriptors on Windows. If not, reopen them with 'nul' file. Refs: nodejs/node#875 Fixes: nodejs/node#11656 PR-URL: nodejs/node#11863 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net>
obiwac
added a commit
to obiwac/node
that referenced
this pull request
Aug 30, 2022
When checking for the validity of the stdio file descriptors (nodejs#875), ones which don't exist are intended to be remapped to /dev/null (and, if that doesn't work, we abort). This however doesn't work on all platforms and in all cases (e.g. /dev/null could already have been opened by the acting process and not actually be mapped to the expected file descriptor); instead, use the `dup2` syscall as a more robust solution (conforms to POSIX.1).
obiwac
added a commit
to obiwac/node
that referenced
this pull request
Aug 30, 2022
When checking for the validity of the stdio file descriptors (nodejs#875), ones which don't exist are intended to be remapped to /dev/null (and, if that doesn't work, we abort). This however doesn't work on all platforms and in all cases (e.g. /dev/null could already have been opened by the acting process and not actually be mapped to the expected file descriptor); instead, use the `dup2` syscall as a more robust solution (conforms to POSIX.1). Refs: nodejs#875 Fixes: nodejs/help#2411
obiwac
added a commit
to obiwac/node
that referenced
this pull request
Aug 30, 2022
When checking for the validity of the stdio file descriptors (nodejs#875), ones which don't exist are intended to be remapped to /dev/null (and, if that doesn't work, we abort). This however doesn't work on all platforms and in all cases (e.g. /dev/null could already have been opened by the acting process and not actually be mapped to the expected file descriptor); instead, use the `dup2` syscall as a more robust solution (conforms to POSIX.1).
obiwac
added a commit
to obiwac/node
that referenced
this pull request
Aug 30, 2022
When checking for the validity of the stdio file descriptors (nodejs#875), ones which don't exist are intended to be remapped to /dev/null (and, if that doesn't work, we abort). This however doesn't work on all platforms and in all cases (e.g. /dev/null could already have been opened by the acting process and not actually be mapped to the expected file descriptor); instead, use the `dup2` syscall as a more robust solution (conforms to POSIX.1).
obiwac
added a commit
to obiwac/node
that referenced
this pull request
Aug 30, 2022
When checking for the validity of the stdio file descriptors (nodejs#875), ones which don't exist are intended to be remapped to /dev/null (and, if that doesn't work, we abort). This however doesn't work on all platforms and in all cases (e.g. /dev/null could already have been opened by the acting process and not actually be mapped to the expected file descriptor); instead, use the `dup2` syscall as a more robust solution (conforms to POSIX.1). Fixes: nodejs/help#2411 Refs: nodejs#875
obiwac
added a commit
to obiwac/node
that referenced
this pull request
Aug 31, 2022
When checking for the validity of the stdio file descriptors (nodejs#875), ones which don't exist are intended to be remapped to /dev/null (and, if that doesn't work, we abort). This however doesn't work on all platforms and in all cases (e.g. /dev/null could already have been opened by the acting process and not actually be mapped to the expected file descriptor); instead, use the `dup2` syscall as a more robust solution (conforms to POSIX.1). Fixes: nodejs/help#2411 Refs: nodejs#875
obiwac
added a commit
to obiwac/node
that referenced
this pull request
Aug 31, 2022
When checking for the validity of the stdio file descriptors (nodejs#875), ones which don't exist are intended to be remapped to /dev/null (and, if that doesn't work, we abort). This however doesn't work on all platforms and in all cases (e.g. /dev/null could already have been opened by the acting process and not actually be mapped to the expected file descriptor); instead, use the `dup2` syscall as a more robust solution (conforms to POSIX.1). Fixes: nodejs/help#2411 Refs: nodejs#875
obiwac
added a commit
to obiwac/node
that referenced
this pull request
Aug 31, 2022
When checking for the validity of the stdio file descriptors (nodejs#875), ones which don't exist are intended to be remapped to /dev/null (and, if that doesn't work, we abort). This however doesn't work on all platforms and in all cases (e.g. /dev/null could already have been opened by the acting process and not actually be mapped to the expected file descriptor); instead, use the `dup2` syscall as a more robust solution (conforms to POSIX.1). Fixes: nodejs/help#2411 Refs: nodejs#875
obiwac
added a commit
to obiwac/node
that referenced
this pull request
Aug 31, 2022
When checking for the validity of the stdio file descriptors (nodejs#875), ones which don't exist are intended to be remapped to /dev/null (and, if that doesn't work, we abort). This however doesn't work on all platforms and in all cases (e.g. /dev/null could already have been opened by the acting process and not actually be mapped to the expected file descriptor); instead, use the `dup2` syscall as a more robust solution (conforms to POSIX.1). Fixes: nodejs/help#2411 Refs: nodejs#875
obiwac
added a commit
to obiwac/node
that referenced
this pull request
Sep 1, 2022
When checking for the validity of the stdio file descriptors (nodejs#875), ones which don't exist are intended to be remapped to /dev/null (and, if that doesn't work, we abort). This however doesn't work on all platforms and in all cases (e.g. /dev/null could already have been opened by the acting process and not actually be mapped to the expected file descriptor); instead, use the `dup2` syscall as a more robust solution (conforms to POSIX.1). Fixes: nodejs/help#2411 Refs: nodejs#875
obiwac
added a commit
to obiwac/node
that referenced
this pull request
Sep 1, 2022
When checking for the validity of the stdio file descriptors (nodejs#875), ones which don't exist are intended to be remapped to /dev/null (and, if that doesn't work, we abort). This however doesn't work on all platforms and in all cases, and is not anymore required by POSIX; instead, use the `dup2` syscall as a more robust solution (conforms to POSIX.1). Fixes: nodejs/help#2411 Refs: nodejs#875
nodejs-github-bot
pushed a commit
that referenced
this pull request
Oct 26, 2022
When checking for the validity of the stdio file descriptors (#875), ones which don't exist are intended to be remapped to /dev/null (and, if that doesn't work, we abort). This however doesn't work on all platforms and in all cases, and is not anymore required by POSIX; instead, use the `dup2` syscall as a more robust solution (conforms to POSIX.1). Fixes: nodejs/help#2411 Refs: #875 PR-URL: #44461 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
RafaelGSS
pushed a commit
that referenced
this pull request
Nov 1, 2022
When checking for the validity of the stdio file descriptors (#875), ones which don't exist are intended to be remapped to /dev/null (and, if that doesn't work, we abort). This however doesn't work on all platforms and in all cases, and is not anymore required by POSIX; instead, use the `dup2` syscall as a more robust solution (conforms to POSIX.1). Fixes: nodejs/help#2411 Refs: #875 PR-URL: #44461 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
RafaelGSS
pushed a commit
that referenced
this pull request
Nov 10, 2022
When checking for the validity of the stdio file descriptors (#875), ones which don't exist are intended to be remapped to /dev/null (and, if that doesn't work, we abort). This however doesn't work on all platforms and in all cases, and is not anymore required by POSIX; instead, use the `dup2` syscall as a more robust solution (conforms to POSIX.1). Fixes: nodejs/help#2411 Refs: #875 PR-URL: #44461 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
danielleadams
pushed a commit
that referenced
this pull request
Dec 30, 2022
When checking for the validity of the stdio file descriptors (#875), ones which don't exist are intended to be remapped to /dev/null (and, if that doesn't work, we abort). This however doesn't work on all platforms and in all cases, and is not anymore required by POSIX; instead, use the `dup2` syscall as a more robust solution (conforms to POSIX.1). Fixes: nodejs/help#2411 Refs: #875 PR-URL: #44461 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
danielleadams
pushed a commit
that referenced
this pull request
Dec 30, 2022
When checking for the validity of the stdio file descriptors (#875), ones which don't exist are intended to be remapped to /dev/null (and, if that doesn't work, we abort). This however doesn't work on all platforms and in all cases, and is not anymore required by POSIX; instead, use the `dup2` syscall as a more robust solution (conforms to POSIX.1). Fixes: nodejs/help#2411 Refs: #875 PR-URL: #44461 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
danielleadams
pushed a commit
that referenced
this pull request
Jan 3, 2023
When checking for the validity of the stdio file descriptors (#875), ones which don't exist are intended to be remapped to /dev/null (and, if that doesn't work, we abort). This however doesn't work on all platforms and in all cases, and is not anymore required by POSIX; instead, use the `dup2` syscall as a more robust solution (conforms to POSIX.1). Fixes: nodejs/help#2411 Refs: #875 PR-URL: #44461 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Check that stdin, stdout and stderr map to open file descriptors and
remap them to /dev/null if that isn't the case. Protects against
information leaks or worse when io.js is started with closed stdio
file descriptors.
R=@vkurchatkin
The second commit is an unrelated typo fix.