From fb35cd0ef496fee9aa65daadf542057f18d6063f Mon Sep 17 00:00:00 2001 From: Ryan Dahl Date: Thu, 9 Sep 2021 08:38:47 -0400 Subject: fix: permission prompt stuffing (#11931) Fixes #9750 --- runtime/Cargo.toml | 2 +- runtime/permissions.rs | 23 +++++++++++++++++++++++ 2 files changed, 24 insertions(+), 1 deletion(-) (limited to 'runtime') diff --git a/runtime/Cargo.toml b/runtime/Cargo.toml index 98983b5de..03a58fdd0 100644 --- a/runtime/Cargo.toml +++ b/runtime/Cargo.toml @@ -85,7 +85,7 @@ uuid = { version = "0.8.2", features = ["v4"] } [target.'cfg(windows)'.dependencies] fwdansi = "1.1.0" -winapi = { version = "0.3.9", features = ["knownfolders", "mswsock", "objbase", "shlobj", "tlhelp32", "winbase", "winerror", "winsock2"] } +winapi = { version = "0.3.9", features = ["commapi", "knownfolders", "mswsock", "objbase", "shlobj", "tlhelp32", "winbase", "winerror", "winsock2"] } [target.'cfg(unix)'.dependencies] nix = "0.22.1" diff --git a/runtime/permissions.rs b/runtime/permissions.rs index 9e97ac234..d1ee7f999 100644 --- a/runtime/permissions.rs +++ b/runtime/permissions.rs @@ -1194,6 +1194,29 @@ fn permission_prompt(message: &str) -> bool { if !atty::is(atty::Stream::Stdin) || !atty::is(atty::Stream::Stderr) { return false; }; + + #[cfg(unix)] + fn clear_stdin() { + let r = unsafe { libc::tcflush(0, libc::TCIFLUSH) }; + assert_eq!(r, 0); + } + + #[cfg(not(unix))] + fn clear_stdin() { + unsafe { + let stdin = winapi::um::processenv::GetStdHandle( + winapi::um::winbase::STD_INPUT_HANDLE, + ); + let flags = + winapi::um::winbase::PURGE_TXCLEAR | winapi::um::winbase::PURGE_RXCLEAR; + winapi::um::commapi::PurgeComm(stdin, flags); + } + } + + // For security reasons we must consume everything in stdin so that previously + // buffered data cannot effect the prompt. + clear_stdin(); + let opts = "[y/n (y = yes allow, n = no deny)] "; let msg = format!( "{} ️Deno requests {}. Allow? {}", -- cgit v1.2.3