Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

recursive option of fs.readdir results in blocking synchronous I/O instead of async readdir #51749

Closed
Rob--W opened this issue Feb 13, 2024 · 2 comments
Closed

recursive option of fs.readdir results in blocking synchronous I/O instead of async readdir #51749

Rob--W opened this issue Feb 13, 2024 · 2 comments
Labels
doc Issues and PRs related to the documentations. fs Issues and PRs related to the fs subsystem / file system.

Comments

@Rob--W
Copy link
Contributor

Rob--W commented Feb 13, 2024

Affected URL(s)

https://nodejs.org/api/fs.html#fspromisesreaddirpath-options

Description of the problem

The readdir method specifies a recursive option that "reads the contents of a directory recursively". This can be a potentially expensive/long-running filesystem query.

The current implementation is synchronous (see below), which means that passing recursive:true would block the calling thread until the I/O completes. Ideally, the implementation would not block the calling thread, but until that is implemented (I didn't find any open issue), the least that can be done is to update the documentation to warn about this risk.

Another aspect worth documenting is to explicitly call out that symlinks are NOT followed. If symlinks were to be followed, then that could potentially result in security issues, such as DoS (infinite readdir loop) or directory traversal outside of the specified directory.

Relevant issues / PRs that introduced this feature:

Relevant source:

node/lib/fs.js

Lines 1458 to 1467 in 544cfc5

function readdir(path, options, callback) {
callback = makeCallback(typeof options === 'function' ? options : callback);
options = getOptions(options);
path = getValidatedPath(path);
if (options.recursive != null) {
validateBoolean(options.recursive, 'options.recursive');
}
if (options.recursive) {
callback(null, readdirSyncRecursive(path, options));

@Rob--W Rob--W added the doc Issues and PRs related to the documentations. label Feb 13, 2024
@MoLow
Copy link
Member

MoLow commented Feb 13, 2024

the recursive watching is done synchronously to avoid timing conditions.
see #51406
feel free to open a PR for adjusting the docs

@MoLow MoLow closed this as not planned Won't fix, can't repro, duplicate, stale Feb 13, 2024
@MoLow MoLow added the fs Issues and PRs related to the fs subsystem / file system. label Feb 13, 2024
@Rob--W
Copy link
Contributor Author

Rob--W commented Feb 14, 2024

the recursive watching is done synchronously to avoid timing conditions.
see #51406

That issue is about fs.watch, which is independent of fs.readdir. If someone really cares about the state synchronously, then they could call fs.readdirSync instead.

feel free to open a PR for adjusting the docs

I filed this issue to request documentation of the fact that there is unbounded sync I/O operation in a supposedly async API. Secondly, I am asking for the symlink behavior to be documented because of security implications when the behavior is undefined.

What is the purpose of the documentation issue template if you close such issues before resolution?

@jiawei397 jiawei397 mentioned this issue Mar 8, 2024
Closed
3 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
doc Issues and PRs related to the documentations. fs Issues and PRs related to the fs subsystem / file system.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Rob--W @MoLow