Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Spawning some commands on windows fails with error EINVAL in Node 20 LTS (20.12.2) only #52681

Open
RobertSandiford opened this issue Apr 25, 2024 · 2 comments
Open

Spawning some commands on windows fails with error EINVAL in Node 20 LTS (20.12.2) only #52681

RobertSandiford opened this issue Apr 25, 2024 · 2 comments
Labels
child_process Issues and PRs related to the child_process subsystem. windows Issues and PRs related to the Windows platform.

Comments

@RobertSandiford
Copy link

RobertSandiford commented Apr 25, 2024
edited by VoltrexKeyva

Version

v20.12.2

Platform

Microsoft Windows NT 10.0.19045.0 x64

Subsystem

child_process

What steps will reproduce the bug?

node -e "const { spawn } = require('child_process'); const child = spawn('npm.cmd', ['--version'], { stdio: 'inherit' })"

How often does it reproduce? Is there a required condition?

100%

What is the expected behavior? Why is that the expected behavior?

Should print the npm version e.g. 10.2.0 to the console

What do you see instead?

node:internal/child_process:421
    throw new ErrnoException(err, 'spawn');
    ^

Error: spawn EINVAL
    at ChildProcess.spawn (node:internal/child_process:421:11)
    at spawn (node:child_process:761:9)
    at [eval]:1:59
    at runScriptInThisContext (node:internal/vm:209:10)
    at node:internal/process/execution:109:14
    at [eval]-wrapper:6:24
    at runScript (node:internal/process/execution:92:62)
    at evalScript (node:internal/process/execution:123:10)
    at node:internal/main/eval_string:51:3 {
  errno: -4071,
  code: 'EINVAL',
  syscall: 'spawn'
}

Node.js v20.12.2

Additional information

Tested and WORKING in both 20.12.1 (prior version) and 21.0.0 (next version). Appears to affect the LTS only.

I am able to run spawn('node', ['--version'], { stdio: 'inherit' }) without issue. But running node does not require the .cmd extension and errors with with it (ENOENT) in all tested version.

This appears to be an issue spawning commands that require the .cmd extension, I believe this is probably a windows only issue.

I tested also with pnpm.cmd and the behaviour is the same as with npm.cmd
@climba03003
Copy link
Contributor

climba03003 commented Apr 25, 2024
edited

It is intended behavior for the security patch CVE-2024-27980.
You must pass shell: true in the option on Windows environment if you need to spawn program ended with .bat or .cmd extension.

The patch is deployed in 18.20.2, 20.12.2, 21.17.3 and also 22.0.0
Details can be found on https://nodejs.org/en/blog/vulnerability/april-2024-security-releases-2

@RobertSandiford
Copy link
Author

RobertSandiford commented Apr 25, 2024
edited

It is intended behavior for the security patch CVE-2024-27980. You must pass shell: true in the option on Windows environment if you need to spawn program ended with .bat or .cmd extension.

The patch is deployed in 18.20.2, 20.12.2, 21.17.3 and also 22.0.0 Details can be found on https://nodejs.org/en/blog/vulnerability/april-2024-security-releases-2

Thanks.

The error message produced is disappointing - I could not find information on google.

@tsmaeder tsmaeder mentioned this issue Apr 25, 2024
Merged
1 task
@VoltrexKeyva VoltrexKeyva added child_process Issues and PRs related to the child_process subsystem. windows Issues and PRs related to the Windows platform. labels Apr 25, 2024
@ehmicky ehmicky mentioned this issue Apr 26, 2024
Closed
@lyswhut lyswhut mentioned this issue Apr 27, 2024
Closed
@czy88840616 czy88840616 mentioned this issue May 3, 2024
Merged
@t1m0thyj t1m0thyj mentioned this issue May 6, 2024
Merged
4 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
child_process Issues and PRs related to the child_process subsystem. windows Issues and PRs related to the Windows platform.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@RobertSandiford @climba03003 @VoltrexKeyva