src: limit GetProcessTitle() result to 1MB

`GetProcessTitle()` otherwise runs an infinite loop when `uv_setup_argv()` has not been called (yet). This is a problem e.g. in assertions from static constructors, which run before `main()` and thus before `argc` and `argv` become available. To solve that, do not allocate more than 1MB of storage for the title and bail out if we reach that point. PR-URL: #35492 Reviewed-By: James M Snell <[email protected]> Reviewed-By: Gus Caplan <[email protected]> Reviewed-By: Tobias Nießen <[email protected]> Reviewed-By: Rich Trott <[email protected]> Reviewed-By: Colin Ihrig <[email protected]>
nodejs · Oct 6, 2020 · e09f7f0 · e09f7f0
1 parent 5790c40
commit e09f7f0
Showing 1 changed file with 4 additions and 1 deletion.
diff --git a/src/util.cc b/src/util.cc
@@ -144,7 +144,10 @@ std::string GetProcessTitle(const char* default_title) {
     if (rc == 0)
       break;
 
-    if (rc != UV_ENOBUFS)
+    // If uv_setup_args() was not called, `uv_get_process_title()` will always
+    // return `UV_ENOBUFS`, no matter the input size. Guard against a possible
+    // infinite loop by limiting the buffer size.
+    if (rc != UV_ENOBUFS || buf.size() >= 1024 * 1024)
       return default_title;
 
     buf.resize(2 * buf.size());