fix: potential null dereference in normalizeSpawnArguments() patch (#42260)

fix: potential null deref in normalizeSpawnArguments() patch

Use upstream's practice of using `env = options.env || process.env`.
Previously, we were unconditionally assigning CRASHDUMP_SIGNAL_FD
and CRASHPAD_HANDLER_PID to options.env.
This commit is contained in:
Charles Kerr 2024-05-27 03:41:42 -05:00 committed by GitHub
parent 6423968dc5
commit bb4374ee2c
No known key found for this signature in database
GPG key ID: B5690EEEBB952194

View file

@ -8,7 +8,7 @@ to child processes spawned with `ELECTRON_RUN_AS_NODE` which is used
by the crashpad client to connect with the handler process.
diff --git a/lib/child_process.js b/lib/child_process.js
index c09fca512584ce2c674ae1d05136ff4cd8ea8471..3947e231f4e641b97d12c9639a736fab8836787b 100644
index c09fca512584ce2c674ae1d05136ff4cd8ea8471..d4edaa71a7bf6660bad209fbfbc43014bb4bf741 100644
--- a/lib/child_process.js
+++ b/lib/child_process.js
@@ -61,6 +61,7 @@ let debug = require('internal/util/debuglog').debuglog(
@ -27,25 +27,34 @@ index c09fca512584ce2c674ae1d05136ff4cd8ea8471..3947e231f4e641b97d12c9639a736fab
args = [...execArgv, modulePath, ...args];
if (typeof options.stdio === 'string') {
@@ -617,6 +617,21 @@ function normalizeSpawnArguments(file, args, options) {
@@ -617,6 +617,22 @@ function normalizeSpawnArguments(file, args, options) {
'options.windowsVerbatimArguments');
}
+ if (process.platform === 'linux') {
+ if (ObjectPrototypeHasOwnProperty(options.env || process.env, 'ELECTRON_RUN_AS_NODE') &&
+ (file === process.execPath)) {
+ // On Linux, pass the file descriptor which crashpad handler process
+ // uses to monitor the child process and PID of the handler process.
+ // https://source.chromium.org/chromium/chromium/src/+/110.0.5415.0:components/crash/core/app/crashpad_linux.cc;l=199-206
+ const fd = getCrashdumpSignalFD();
+ const pid = getCrashpadHandlerPID();
+ if (fd !== -1 && pid !== -1) {
+ options.env.CRASHDUMP_SIGNAL_FD = fd;
+ options.env.CRASHPAD_HANDLER_PID = pid;
+ }
+ const env = options.env || process.env;
+
+ if ((process.platform === 'linux') &&
+ ObjectPrototypeHasOwnProperty(env, 'ELECTRON_RUN_AS_NODE') &&
+ (file === process.execPath)) {
+ // On Linux, pass the file descriptor which crashpad handler process
+ // uses to monitor the child process and PID of the handler process.
+ // https://source.chromium.org/chromium/chromium/src/+/110.0.5415.0:components/crash/core/app/crashpad_linux.cc;l=199-206
+ const fd = getCrashdumpSignalFD();
+ const pid = getCrashpadHandlerPID();
+ if (fd !== -1 && pid !== -1) {
+ env.CRASHDUMP_SIGNAL_FD = fd;
+ env.CRASHPAD_HANDLER_PID = pid;
+ }
+ }
+
if (options.shell) {
validateArgumentNullCheck(options.shell, 'options.shell');
const command = ArrayPrototypeJoin([file, ...args], ' ');
@@ -650,7 +666,6 @@ function normalizeSpawnArguments(file, args, options) {
ArrayPrototypeUnshift(args, file);
}
- const env = options.env || process.env;
const envPairs = [];
// process.env.NODE_V8_COVERAGE always propagates, making it possible to