Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

invalid floating point uid or gid for spawn/execSync causes uv to assert and abort node #9722

Closed
sam-github opened this issue Nov 21, 2016 · 14 comments
Closed

invalid floating point uid or gid for spawn/execSync causes uv to assert and abort node #9722

sam-github opened this issue Nov 21, 2016 · 14 comments
Labels
child_process Issues and PRs related to the child_process subsystem. confirmed-bug Issues with confirmed bugs.

Comments

@sam-github
Copy link
Contributor

sam-github commented Nov 21, 2016
edited
Loading

  • Version: 0.12 to v8.0.0-pre
> child_process.spawnSync("cat", {uid: 3.5})
node: ../deps/uv/src/unix/core.c:166: uv_close: Assertion `0' failed.
zsh: abort (core dumped)  ./node

Also

> child_process.execSync("date", {uid: 3.5})
node: ../deps/uv/src/unix/core.c:161: uv_close: Assertion `0' failed.
zsh: abort (core dumped)
% ./node --version
v8.0.0-pre

EDIT: git aborts, too
@sam-github sam-github added child_process Issues and PRs related to the child_process subsystem. confirmed-bug Issues with confirmed bugs. libuv Issues and PRs related to the libuv dependency or the uv binding. labels Nov 21, 2016
@sam-github
Copy link
Contributor Author

See #8312 (comment), /to @saghul not sure if this is a uv bug, or node not checking for bad input before calling uv.

@sam-github sam-github mentioned this issue Nov 21, 2016
Merged
3 tasks
@sam-github sam-github changed the title invalid floating point uid for spawn/execSync causes uv to assert and abort node invalid floating point uid or gid for spawn/execSync causes uv to assert and abort node Nov 21, 2016
@cjihrig
Copy link
Contributor

cjihrig commented Nov 21, 2016

I'll take care of the validation in Node in #8312. It might be good for libuv to return EINVAL or something though.

@sam-github
Copy link
Contributor Author

@cjihrig I assumed you would validate, I reported because #8321 is semver-major, and this bug exists all the way back to 0.12, so across every LTS release, so some sub-set of #8321 will need to be backported.

@sam-github
Copy link
Contributor Author

@cjihrig did I do right to label it with the node versions it effects? Is that the trigger for the fix to be backported?

@cjihrig
Copy link
Contributor

cjihrig commented Nov 21, 2016

I think so, but I think backports are more driven by the labels on the PRs (lts-watch-*, dont-land-on-*).

It would great if what each label meant could be documented somewhere (preferably by GitHub). They are usually self explanatory, but we're up to 100 of them.

@sam-github
Copy link
Contributor Author

@thealphanerd or @nodejs/lts - I think the LTS process needs some docs. I may have over or under labelled, not sure!

@MylesBorins
Copy link
Member

@sam-github the watch labels are for prs that need to be audited / backported. I'll work on something this week for the collaborator guide

@sam-github
Copy link
Contributor Author

@thealphanerd ok, took the watch labels off, just left the version labels on, those are the versions the bug is in

@bnoordhuis
Copy link
Member

I don't think #8312 (comment) is a libuv bug. It looks like node.js is trying to close an uninitialized handle, presumably a uv_process_t handle.

cjihrig added a commit to cjihrig/node that referenced this issue Dec 25, 2016
@cjihrig
src: add handle check to spawn_sync
b374ee8 
This commit verifies that the child process handle is of the
correct type before trying to close it in
CloseHandlesAndDeleteLoop(). This catches the case where input
validation failed, and the child process was never actually
spawned.

Fixes: nodejs#8096
Fixes: nodejs#8539
Refs: nodejs#9722
PR-URL: nodejs#8312
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
cjihrig added a commit to cjihrig/node that referenced this issue Dec 25, 2016
@cjihrig
child_process: improve input validation
fc7b0dd 
This commit applies stricter input validation in
normalizeSpawnArguments(), which is run by all of the
child_process methods. Additional checks are added for spawnSync()
specific inputs.

Fixes: nodejs#8096
Fixes: nodejs#8539
Refs: nodejs#9722
PR-URL: nodejs#8312
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
cjihrig added a commit to cjihrig/node that referenced this issue Dec 25, 2016
@cjihrig
src: remove redundant spawn/spawnSync type checks
45c9ca7 
This commit removes C++ checks from spawn() and spawnSync()
that are duplicates of the JavaScript type checking.

Fixes: nodejs#8096
Fixes: nodejs#8539
Refs: nodejs#9722
PR-URL: nodejs#8312
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
@jasnell
Copy link
Member

jasnell commented Dec 29, 2016

Pulling the v0.12 labels off this given that support for v0.12 is coming to an end in two days and there will not be any further updates to v0.12

@jasnell jasnell removed the v0.12 label Dec 29, 2016
italoacasas pushed a commit to italoacasas/node that referenced this issue Jan 18, 2017
@cjihrig @italoacasas
src: add handle check to spawn_sync
7a3781b 
This commit verifies that the child process handle is of the
correct type before trying to close it in
CloseHandlesAndDeleteLoop(). This catches the case where input
validation failed, and the child process was never actually
spawned.

Fixes: nodejs#8096
Fixes: nodejs#8539
Refs: nodejs#9722
PR-URL: nodejs#8312
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
italoacasas pushed a commit to italoacasas/node that referenced this issue Jan 18, 2017
@cjihrig @italoacasas
child_process: improve input validation
edcb385 
This commit applies stricter input validation in
normalizeSpawnArguments(), which is run by all of the
child_process methods. Additional checks are added for spawnSync()
specific inputs.

Fixes: nodejs#8096
Fixes: nodejs#8539
Refs: nodejs#9722
PR-URL: nodejs#8312
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
italoacasas pushed a commit to italoacasas/node that referenced this issue Jan 18, 2017
@cjihrig @italoacasas
src: remove redundant spawn/spawnSync type checks
f3e921a 
This commit removes C++ checks from spawn() and spawnSync()
that are duplicates of the JavaScript type checking.

Fixes: nodejs#8096
Fixes: nodejs#8539
Refs: nodejs#9722
PR-URL: nodejs#8312
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
@targos
Copy link
Member

targos commented Jan 29, 2017

This was fixed in #8312 but it is semver-major.

@davisjam
Copy link
Contributor

davisjam commented Feb 3, 2017

For what it's worth, the opts object is picky about other fields as well. For example, when I supply a timeout as a String instead of a Number I also encounter this crash.

#8312 also fixes the timeout String vs. Number problem.

@TimothyGu
Copy link
Member

Is there anything more we can do about this? The PR did land on master already but I don't think it can be backported due to semver-major.

@cjihrig cjihrig removed the libuv Issues and PRs related to the libuv dependency or the uv binding. label May 17, 2017
@Trott
Copy link
Member

Trott commented Aug 13, 2017

This issue has been inactive for sufficiently long that it seems like perhaps it should be closed. Feel free to re-open (or leave a comment requesting that it be re-opened) if you disagree. I'm just tidying up and not acting on a super-strong opinion or anything like that.

@Trott Trott closed this as completed Aug 13, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
child_process Issues and PRs related to the child_process subsystem. confirmed-bug Issues with confirmed bugs.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
9 participants
@sam-github @bnoordhuis @jasnell @MylesBorins @Trott @TimothyGu @targos @cjihrig @davisjam