search

guard / listen

The Listen gem listens to file modifications and notifies you about the changes.
https://rubygems.org/gems/listen
MIT License
1.92k stars 245 forks source link

linux driver can abort the enclosing process #509

Closed ColinDKelley closed 2 years ago

ColinDKelley commented 3 years ago

Current State

If :INotify::Notifier.new (or #watch) were to raise Errno::ENOSPC, the linux driver would abort the containing process:

      def _configure(directory, &callback)
        require 'rb-inotify'
        @worker ||= ::INotify::Notifier.new
        @worker.watch(directory.to_s, *options.events, &callback)
      rescue Errno::ENOSPC
        abort(INOTIFY_LIMIT_MESSAGE)
      end

Calling abort from a gem is never appropriate.

Desired State

Errno::ENOSPC should be wrapped by raising a named exception (with ENOSPC as the cause). That will raise out of the public interface start. The calling code in the containing process can then take the appropriate action, by rescuing that specific exception or a catch-all base class.

Steps to Reproduce

I didn't try, but you'd need to run out the count of inotify file descriptors. Then call listener.start. That would cause the containing process to abruptly abort.

ColinDKelley commented 3 years ago

@ioquatix Do you agree that this should be fixed? I've never seen it happen in production...but we'd be appalled if it did. It could cause a total outage of a company's service! Yikes. This feels like a "ticking time bomb".

ioquatix commented 3 years ago

Why was it added in the first place?

ColinDKelley commented 3 years ago

That line hasn't been touched in 7 years: https://github.com/guard/listen/commit/f9e82202d80c84f518918cc199cafc804286a6f0

ColinDKelley commented 3 years ago

But it appears to have first been added 8.5 years ago: https://github.com/guard/listen/commit/5e3053d22b7f2ced2230e1192a3426c223056704