Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix exclusive spawn mechanism for relative paths and working directories #14812

Conversation

stuhood
Copy link
Member

@stuhood stuhood commented Mar 16, 2022

The exclusive_spawn facility to avoid/retry for ExecutableFileBusy / "Text file busy" is triggered by having materialized arg[0] of a process into the process sandbox. But in the presence of a Process::working_directory and a relative path as arg[0], the facility was not being triggered (since validation of arg[0] as a RelativePath would fail due to it escaping its root).

This relates to #13424 (which would remove the need for the exclusive_spawn facility), but does not fix it: only ensure that we handle an existing known case.

…m the working_directory.

[ci skip-build-wheels]
@stuhood stuhood force-pushed the stuhood/exclusive-spawn-escaping-relative-paths branch from cfe7469 to 4c8b26e Compare March 16, 2022 21:10
@stuhood stuhood added this to the 2.10.x milestone Mar 16, 2022
let mut executable_path = PathBuf::from(&req.argv[0]);
if executable_path.is_relative() {
if let Some(working_directory) = &req.working_directory {
executable_path = working_directory.as_ref().join(executable_path)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This should probably be using RelativePath so that ../ are followed and collapsed and there is still verification the root has not been escaped. I can't see the harm if it is escaped, but the effort to avoid the lock is nominally being made, so go all the way?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just saw this, sorry. I agree, but I also don't see the harm in letting it escape. Will let it slide for now to save a tree.

@stuhood stuhood merged commit 2886bd7 into pantsbuild:main Mar 16, 2022
@stuhood stuhood deleted the stuhood/exclusive-spawn-escaping-relative-paths branch March 16, 2022 22:32
stuhood added a commit to stuhood/pants that referenced this pull request Mar 16, 2022
…ies. (pantsbuild#14812)

The `exclusive_spawn` facility to avoid/retry for `ExecutableFileBusy` / "Text file busy" is triggered by having materialized `arg[0]` of a process into the process sandbox. But in the presence of a `Process::working_directory` and a relative path as `arg[0]`, the facility was not being triggered (since validation of `arg[0]` as a `RelativePath` would fail due to it escaping its root).

This relates to pantsbuild#13424 (which would remove the need for the `exclusive_spawn` facility), but does not fix it: only ensure that we handle an existing known case.

[ci skip-build-wheels]
stuhood added a commit that referenced this pull request Mar 16, 2022
…ies. (cherrypick of #14812) (#14816)

The `exclusive_spawn` facility to avoid/retry for `ExecutableFileBusy` / "Text file busy" is triggered by having materialized `arg[0]` of a process into the process sandbox. But in the presence of a `Process::working_directory` and a relative path as `arg[0]`, the facility was not being triggered (since validation of `arg[0]` as a `RelativePath` would fail due to it escaping its root).

This relates to #13424 (which would remove the need for the `exclusive_spawn` facility), but does not fix it: only ensure that we handle an existing known case.

[ci skip-build-wheels]
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants