From 17a4a5f8a18f87d02c99679997d8efe2b92f12fe Mon Sep 17 00:00:00 2001 From: Sam Roberts Date: Fri, 12 May 2017 12:39:11 -0700 Subject: [PATCH] src: whitelist new options for NODE_OPTIONS Add --inspect-*, --napi-modules, --trace-event-categories Remove --prof-process, like -p and -e, it causes node to do something other than run node js scripts. PR-URL: https://github.com/nodejs/node/pull/13002 Reviewed-By: Refael Ackermann Reviewed-By: James M Snell Reviewed-By: Colin Ihrig Reviewed-By: Michael Dawson --- doc/api/cli.md | 6 +++++- src/node.cc | 14 +++++++++----- 2 files changed, 14 insertions(+), 6 deletions(-) diff --git a/doc/api/cli.md b/doc/api/cli.md index 765bc2b9a36380..d53052dbdc8e4f 100644 --- a/doc/api/cli.md +++ b/doc/api/cli.md @@ -411,14 +411,18 @@ Node options that are allowed are: - `--enable-fips` - `--force-fips` - `--icu-data-dir` +- `--inspect-brk` +- `--inspect-port` +- `--inspect` +- `--napi-modules` - `--no-deprecation` - `--no-warnings` - `--openssl-config` -- `--prof-process` - `--redirect-warnings` - `--require`, `-r` - `--throw-deprecation` - `--trace-deprecation` +- `--trace-events-categories` - `--trace-events-enabled` - `--trace-sync-io` - `--trace-warnings` diff --git a/src/node.cc b/src/node.cc index 8ad742b0c1f561..fb98fcebc2a4a5 100644 --- a/src/node.cc +++ b/src/node.cc @@ -3703,25 +3703,29 @@ static void CheckIfAllowedInEnv(const char* exe, bool is_env, static const char* whitelist[] = { // Node options - "-r", "--require", + "--require", "-r", + "--inspect", + "--inspect-brk", + "--inspect-port", "--no-deprecation", + "--trace-deprecation", + "--throw-deprecation", "--no-warnings", + "--napi-modules", "--trace-warnings", "--redirect-warnings", - "--trace-deprecation", "--trace-sync-io", "--trace-events-enabled", + "--trace-events-categories", "--track-heap-objects", - "--throw-deprecation", "--zero-fill-buffers", "--v8-pool-size", - "--use-openssl-ca", "--use-bundled-ca", + "--use-openssl-ca", "--enable-fips", "--force-fips", "--openssl-config", "--icu-data-dir", - "--napi-modules", // V8 options "--max_old_space_size",