RFR: 8307990: jspawnhelper must close its writing side of a pipe before reading from it
Volker Simonis
simonis at openjdk.org
Wed May 17 12:43:46 UTC 2023
On Tue, 16 May 2023 12:32:44 GMT, Thomas Stuefe <stuefe at openjdk.org> wrote:
> > > > I wonder if @Martin-Buchholz is able to look at this one?
> > > > My concern with changes like this is that they fix an issue but then have unexpected side-effects themselves.
> > >
> > >
> > > Are there any specific concerns you have?
> >
> >
> > There seems to be more going on here than just closing the write side of the pipe. We will now error out if any of the readFully's do a short read, rather than just when reporting an error - which on the surface seems like a good thing, but what if harmless short-reads can actually happen in some contexts?
>
> I agree, it would be clearer to just do the close.
Sorry, but I don't understand this argument. If we do a short read we will work with corrupted `ChildStuff` and `SpawnInfo` structures. This can in the extreme case execute arbitrary code (e.g. if `ChildStuff.argv` is not fully read from the parent). You are basically saying it is better to work on corrupted data rather than reporting an error.
-------------
PR Comment: https://git.openjdk.org/jdk/pull/13956#issuecomment-1551321557
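The two points debated in this thread, shown as an added example (not code from the JDK or from any participant): a reader sees EOF only after every write end of the pipe is closed, and a short read of a fixed-size structure is reported as an error instead of being used. `struct msg`, `read_fully`, `recv_msg` and `demo` are hypothetical names, and the struct is a constructed stand-in for the real `ChildStuff`/`SpawnInfo` layouts.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Constructed stand-in for a fixed-size structure sent over the pipe. */
struct msg { int argc; int envc; char tag[8]; };

/* Read up to n bytes, retrying on EINTR. Returns the byte count
 * (less than n if EOF arrived first) or -1 on a read error. */
static ssize_t read_fully(int fd, void *buf, size_t n) {
    size_t got = 0;
    while (got < n) {
        ssize_t r = read(fd, (char *)buf + got, n - got);
        if (r == 0) break;                      /* EOF: all write ends closed */
        if (r < 0) { if (errno == EINTR) continue; return -1; }
        got += (size_t)r;
    }
    return (ssize_t)got;
}

/* 0 only when the whole structure arrived; -1 on short read or error. */
static int recv_msg(int fd, struct msg *m) {
    return read_fully(fd, m, sizeof *m) == (ssize_t)sizeof *m ? 0 : -1;
}

/* Write `len` bytes of a message, close the write end, then receive.
 * Returns recv_msg's result, or -2 on a setup failure or data mismatch. */
int demo(size_t len) {
    int p[2];
    struct msg out = { 2, 1, "sample" }, in;
    memset(&in, 0, sizeof in);
    if (pipe(p) != 0) return -2;
    if (write(p[1], &out, len) != (ssize_t)len) { close(p[0]); close(p[1]); return -2; }
    close(p[1]);   /* while this end stays open, read() blocks instead of seeing EOF */
    int rc = recv_msg(p[0], &in);
    close(p[0]);
    if (rc == 0 && memcmp(&in, &out, sizeof in) != 0) return -2;
    return rc;
}

int main(void) {
    printf("full message: %d\n", demo(sizeof(struct msg)));
    printf("truncated:    %d\n", demo(sizeof(struct msg) - 4));
    return 0;
}
```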