Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

src: node crashes due to multiline environment value #52266

Closed
wants to merge 5 commits into from
Closed

src: node crashes due to multiline environment value #52266

wants to merge 5 commits into from

Conversation

mertcanaltin
Copy link
Member

Dotenv::ParseContent includes some improvements to avoid crash problems when processing a multiline value
#52248

@nodejs-github-bot nodejs-github-bot added c++ Issues and PRs that require attention from people who are familiar with C++. needs-ci PRs that need a full CI run. labels Mar 29, 2024
Mert Can Altin added 2 commits March 29, 2024 22:43
kibertoad
kibertoad reviewed Mar 29, 2024
View reviewed changes
test/parallel/test-dotenv.js Outdated
@@ -76,7 +76,7 @@ assert.strictEqual(process.env.EDGE_CASE_INLINE_COMMENTS, 'VALUE1');
assert.strictEqual(process.env.MULTI_DOUBLE_QUOTED, 'THIS\nIS\nA\nMULTILINE\nSTRING');
assert.strictEqual(process.env.MULTI_SINGLE_QUOTED, 'THIS\nIS\nA\nMULTILINE\nSTRING');
assert.strictEqual(process.env.MULTI_BACKTICKED, 'THIS\nIS\nA\n"MULTILINE\'S"\nSTRING');
assert.strictEqual(process.env.MULTI_NOT_VALID_QUOTE, '"');
assert.strictEqual(process.env.MULTI_NOT_VALID_QUOTE, '');
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

does this cover all the added code?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The MULTI_NOT_VALID_QUOTE test makes sure that if there's a line starting with a double quote that doesn't close, we still count it as one single value.

MULTI_NOT_VALID_QUOTE="

IMO we should keep this test to make sure we handle these situations right

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Dotenv interprets this as a single quote " too not an empty value

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

yes this preserves the previous code

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I must have done this wrong I will update it today

anonrig
anonrig requested changes Mar 30, 2024
View reviewed changes
Copy link
Member

@anonrig anonrig left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you add a failing test?

@mertcanaltin
Copy link
Member Author

Can you add a failing test?

I wonder if it's normal to get fail afterwards 🤔

@kibertoad kibertoad mentioned this pull request Mar 30, 2024
Closed
@marco-ippolito
Copy link
Member

Can you add a failing test?

I wonder if it's normal to get fail afterwards 🤔

you can make sure it throws assert.throws

@mertcanaltin
Copy link
Member Author

I wanted to switch to the code in the main branch and test here, but I got such a test error

node git:(dev-52248)  ./node test/parallel/test-dotenv.js --NODE_SKIP_FLAG_CHECK
node:assert:126
  throw new AssertionError(obj);
  ^

AssertionError [ERR_ASSERTION]: Expected values to be strictly equal:
+ actual - expected

+ undefined
- 'basic'
    at Object.<anonymous> (/Users/mert/Desktop/openSource/node/test/parallel/test-dotenv.js:8:8)
    at Module._compile (node:internal/modules/cjs/loader:1421:14)
    at Module._extensions..js (node:internal/modules/cjs/loader:1499:10)
    at Module.load (node:internal/modules/cjs/loader:1232:32)
    at Module._load (node:internal/modules/cjs/loader:1048:12)
    at Function.executeUserEntryPoint [as runMain] (node:internal/modules/run_main:187:14)
    at node:internal/main/run_main_module:28:49 {
  generatedMessage: true,
  code: 'ERR_ASSERTION',
  actual: undefined,
  expected: 'basic',
  operator: 'strictEqual'
}

Node.js v22.0.0-pre

@mertcanaltin mertcanaltin added the request-ci Add this label to start a Jenkins CI on a PR. label Apr 6, 2024
@github-actions github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label Apr 6, 2024
@nodejs-github-bot
Copy link
Collaborator

CI: https://ci.nodejs.org/job/node-test-pull-request/58157/

@IlyasShabi IlyasShabi mentioned this pull request Apr 7, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kibertoad kibertoad kibertoad left review comments

@IlyasShabi IlyasShabi IlyasShabi left review comments

@anonrig anonrig Awaiting requested review from anonrig

Assignees
No one assigned
Labels
c++ Issues and PRs that require attention from people who are familiar with C++. needs-ci PRs that need a full CI run.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@mertcanaltin @marco-ippolito @nodejs-github-bot @kibertoad @anonrig @IlyasShabi