fix(bjs): strndup crash on scripts without directory path — likely root cause of issue #2450 #2466
Open
Swissola wants to merge 1 commit into
… path
run_bjs_script_headless() called strndup(filename.c_str(), slash) where
slash = filename.lastIndexOf('/') returns -1 when no path separator is
present. strndup takes size_t, so -1 coerces to SIZE_MAX (~4 GB) and the
allocator either panics on the heap assertion or returns NULL. The
subsequent JS_NewString(ctx, scriptDirpath) then dereferences NULL,
crashing the interpreter before the script runs.
The same bug bites when the path is at root level (slash == 0):
strndup(p, 0) produces an empty string, making __dirpath "" instead of
"/" and breaking any relative path resolution inside the script.
Fix: handle the no-slash and root-slash cases explicitly before falling
through to the normal strndup path.
Likely root cause of issue BruceDevices#2450 (crash launching the app store on
Cardputer ADV), where the app store script path may be constructed
without a leading slash depending on the invocation path.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
Fixes a crash in run_bjs_script_headless() that is the likely root cause of #2450 (crash launching app store on Cardputer ADV).

Bug

String::lastIndexOf() returns -1 when no / is present. strndup takes size_t, so -1 coerces to SIZE_MAX (~4 GB). The allocator either triggers a heap assertion panic, or returns NULL. The subsequent JS_NewString(ctx, scriptDirpath) then dereferences NULL, crashing before the script runs.

Secondary case: when slash == 0 (file at filesystem root, e.g. /main.js), strndup(p, 0) produces an empty string "" instead of "/", breaking any relative path resolution inside the script via __dirpath.

Fix

Handle the no-slash and root-slash cases before the normal strndup path:

Connection to #2450

The app store fetches and invokes scripts. Depending on how the invocation path is constructed, the filename passed to run_bjs_script_headless() may lack a leading /. On a memory-constrained Cardputer ADV, the near-infinite strndup allocation attempt hits the heap guard and panics, which matches the reported crash-on-launch behaviour.

🤖 Generated with Claude Code
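The two cases described in this pull request, as an added C example that is not the pull request's or the project's own code: it shows the signed-to-size_t conversion of a -1 index and a directory extraction that checks for it. All function names are hypothetical, the sample paths are constructed, and returning "/" when no separator is present is an assumption, since the page does not show what the fix returns in that case.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for String::lastIndexOf(): int index, -1 if absent. */
static int last_index_of(const char *s, char c) {
    const char *p = strrchr(s, c);
    return p ? (int)(p - s) : -1;
}

/* Length strndup() would see if the index were passed through unchecked. */
static size_t unchecked_length(const char *filename) {
    return (size_t)last_index_of(filename, '/'); /* -1 becomes SIZE_MAX */
}

/* Portable equivalent of strndup(s, n) for n <= strlen(s). */
static char *copy_n(const char *s, size_t n) {
    char *out = malloc(n + 1);
    if (out == NULL) return NULL;
    memcpy(out, s, n);
    out[n] = '\0';
    return out;
}

/* Directory part of a script path as a heap string (caller frees).
 * Returns NULL on NULL input or allocation failure; callers must check
 * before handing the result to anything that dereferences it. */
static char *script_dirpath(const char *filename) {
    if (filename == NULL) return NULL;
    int slash = last_index_of(filename, '/');
    if (slash < 0) return copy_n("/", 1);  /* no separator: "/" is an assumed fallback */
    if (slash == 0) return copy_n("/", 1); /* file at root, e.g. "/main.js" */
    return copy_n(filename, (size_t)slash);
}

int main(void) {
    const char *samples[] = {"main.js", "/main.js", "/apps/store/main.js"}; /* constructed */
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        char *dir = script_dirpath(samples[i]);
        printf("%-22s unchecked=%zu dir=%s\n", samples[i],
               unchecked_length(samples[i]), dir ? dir : "(null)");
        free(dir);
    }
    return 0;
}
```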