Skip to content

Security/hardening v1.0.1#2

Merged
nyo16 merged 1 commit intomasterfrom
security/hardening-v1.0.1
Mar 2, 2026
Merged

Security/hardening v1.0.1#2
nyo16 merged 1 commit intomasterfrom
security/hardening-v1.0.1

Conversation

@nyo16
Copy link
Copy Markdown
Owner

@nyo16 nyo16 commented Mar 1, 2026

No description provided.

@nyo16
Security hardening and FD leak fixes (v1.0.1)
8cc79d3 
Critical fixes:
- Fix FD TOCTOU race in nif_close — move close() inside mutex
- Fix cgroup path traversal — reject ".." and absolute paths
- Fix 11 FD leaks in shepherd error paths (PTY + pipe modes)
- Fix kill_timeout_ms integer overflow, replace atoi with strtol
- Validate signal range (1-31) in CMD_KILL handler
- NULL-check CMSG_FIRSTHDR return, check sigaction return

Elixir error handling:
- Fix resource leak in spawn_process with two-stage with cleanup
- Fix stream writer crash skipping cleanup (halt then re-raise)
- Add force_exit_timeout for hung shepherd (no exit status)

Build hardening:
- Add -fstack-protector-strong, -D_FORTIFY_SOURCE=2
- Add PIE, RELRO, noexecstack linker flags
- Use pipe2(O_CLOEXEC) on Linux, set_cloexec on macOS

Tests & CI:
- Add leak_test.exs with 9 new tests (FD leaks, concurrent
  close+read, stream abort, cgroup validation, edge cases)
- Add macOS to CI test matrix
- Enforce :linux_only tag exclusion on non-Linux
- Bump version 1.0.0 → 1.0.1
@nyo16 nyo16 force-pushed the security/hardening-v1.0.1 branch from 2077561 to 8cc79d3 Compare March 2, 2026 00:03
@nyo16 nyo16 merged commit 30ae51c into master Mar 2, 2026
7 of 8 checks passed
@nyo16 nyo16 deleted the security/hardening-v1.0.1 branch March 2, 2026 00:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@nyo16