src: fix OOB reads in process.title getter (!31633) · Merge requests · Rodrigo Test / Test Group-nodejs / node

Rodrigo Muino Tomonari requested to merge github/fork/bnoordhuis/fix31631 into master Feb 04, 2020

The getter passed a stack-allocated, fixed-size buffer to uv_get_process_title() but neglected to check the return value.

When the total length of the command line arguments exceeds the size of the buffer, libuv returns UV_ENOBUFS and doesn't modify the contents of the buffer. The getter then proceeded to return whatever garbage was on the stack at the time of the call, quite possibly reading beyond the end of the buffer.

Add a GetProcessTitle() helper that reads the process title into a dynamically allocated buffer that is resized when necessary.

Fixes: #31631 (closed)

this is technically a security vulnerability although probably impossible to exploit practically
the second commit I'm happy to leave out
there's also a minor libuv bug but this PR is still necessary

Admin message

Admin message

src: fix OOB reads in process.title getter

Merge request reports