Skip to content

fix: correct parsing of second-instance additionalData#50119

Merged
MarshallOfSound merged 1 commit intomainfrom
sam/process-singleton-additionaldata-fix
Mar 8, 2026
Merged

fix: correct parsing of second-instance additionalData#50119
MarshallOfSound merged 1 commit intomainfrom
sam/process-singleton-additionaldata-fix

Conversation

@MarshallOfSound
Copy link
Copy Markdown
Member

@MarshallOfSound MarshallOfSound commented Mar 8, 2026

Description

Fixes two parsing issues in the app.requestSingleInstanceLock / second-instance data path:

POSIX (process_singleton_posix.cc): The socket message parser did not check the return value of base::StringToSizeT when reading the argv count and additional-data length fields, and did not validate those counts against the actual number of tokens received. A malformed message from a second instance could produce incorrect slicing.

Windows (chrome_process_finder.cc / process_singleton_win.cc): additionalData bytes were reinterpret_cast directly into the null-delimited wchar_t buffer used for WM_COPYDATA. V8's serialization format regularly contains 0x00 bytes (varint-encoded zero lengths, etc.), and any aligned 0x0000 pair terminated the field early on the receive side. The result: complex additionalData objects could arrive truncated and fail to deserialize, while simple ones happened to work. Now base64-encoded before embedding.

Checklist

  • PR description included
  • npm test passes (app.requestSingleInstanceLock suite — 11/11)
  • Follows the PR guidelines

Release Notes

Notes: Fixed an issue where additionalData passed to app.requestSingleInstanceLock on Windows could be truncated or fail to deserialize in the primary instance's second-instance event.

@MarshallOfSound MarshallOfSound added semver/patch backwards-compatible bug fixes target/38-x-y PR should also be added to the "38-x-y" branch. labels Mar 8, 2026
@MarshallOfSound MarshallOfSound requested a review from a team as a code owner March 8, 2026 06:52
@MarshallOfSound MarshallOfSound added target/39-x-y PR should also be added to the "39-x-y" branch. target/40-x-y PR should also be added to the "40-x-y" branch. target/41-x-y PR should also be added to the "41-x-y" branch. labels Mar 8, 2026
@electron-cation electron-cation bot added the new-pr 🌱 PR opened recently label Mar 8, 2026
@MarshallOfSound
fix: correct parsing of second-instance additionalData
22379fa 
- POSIX: validate StringToSizeT result and token count when splitting
  the socket message into argv and additionalData; previously a
  malformed message could produce incorrect slicing.
- Windows: base64-encode additionalData before embedding in the
  null-delimited wchar_t buffer. The prior reinterpret_cast approach
  dropped everything after the first aligned 0x0000 in the serialized
  payload, so complex objects could arrive truncated.
@MarshallOfSound MarshallOfSound force-pushed the sam/process-singleton-additionaldata-fix branch from 0cacb59 to 22379fa Compare March 8, 2026 07:57
@MarshallOfSound MarshallOfSound merged commit fb13492 into main Mar 8, 2026
63 checks passed
@MarshallOfSound MarshallOfSound deleted the sam/process-singleton-additionaldata-fix branch March 8, 2026 22:39
@release-clerk
Copy link
Copy Markdown

release-clerk bot commented Mar 8, 2026

Release Notes Persisted

Fixed an issue where additionalData passed to app.requestSingleInstanceLock on Windows could be truncated or fail to deserialize in the primary instance's second-instance event.

@trop
Copy link
Copy Markdown
Contributor

trop bot commented Mar 8, 2026

I was unable to backport this PR to "38-x-y" cleanly;
you will need to perform this backport manually.

@trop trop bot added needs-manual-bp/38-x-y and removed target/38-x-y PR should also be added to the "38-x-y" branch. labels Mar 8, 2026
@trop
Copy link
Copy Markdown
Contributor

trop bot commented Mar 8, 2026

I was unable to backport this PR to "39-x-y" cleanly;
you will need to perform this backport manually.

@trop
Copy link
Copy Markdown
Contributor

trop bot commented Mar 8, 2026

I was unable to backport this PR to "40-x-y" cleanly;
you will need to perform this backport manually.

@trop trop bot added needs-manual-bp/39-x-y needs-manual-bp/40-x-y and removed target/39-x-y PR should also be added to the "39-x-y" branch. target/40-x-y PR should also be added to the "40-x-y" branch. labels Mar 8, 2026
@trop
Copy link
Copy Markdown
Contributor

trop bot commented Mar 8, 2026

I was unable to backport this PR to "41-x-y" cleanly;
you will need to perform this backport manually.

@trop trop bot added needs-manual-bp/41-x-y and removed target/41-x-y PR should also be added to the "41-x-y" branch. labels Mar 8, 2026
MarshallOfSound added a commit that referenced this pull request Mar 9, 2026
@MarshallOfSound
fix: correct parsing of second-instance additionalData
73aeea8 
- POSIX: validate StringToSizeT result and token count when splitting
  the socket message into argv and additionalData; previously a
  malformed message could produce incorrect slicing.
- Windows: base64-encode additionalData before embedding in the
  null-delimited wchar_t buffer. The prior reinterpret_cast approach
  dropped everything after the first aligned 0x0000 in the serialized
  payload, so complex objects could arrive truncated.

Manually backported from #50119
@MarshallOfSound MarshallOfSound mentioned this pull request Mar 9, 2026
Merged
@trop
Copy link
Copy Markdown
Contributor

trop bot commented Mar 9, 2026

@MarshallOfSound has manually backported this PR to "41-x-y", please check out #50154

MarshallOfSound added a commit that referenced this pull request Mar 9, 2026
@MarshallOfSound
fix: correct parsing of second-instance additionalData
dd89d4f 
- POSIX: validate StringToSizeT result and token count when splitting
  the socket message into argv and additionalData; previously a
  malformed message could produce incorrect slicing.
- Windows: base64-encode additionalData before embedding in the
  null-delimited wchar_t buffer. The prior reinterpret_cast approach
  dropped everything after the first aligned 0x0000 in the serialized
  payload, so complex objects could arrive truncated.

Manually backported from #50119
@MarshallOfSound MarshallOfSound mentioned this pull request Mar 9, 2026
Merged
@trop
Copy link
Copy Markdown
Contributor

trop bot commented Mar 9, 2026

@MarshallOfSound has manually backported this PR to "40-x-y", please check out #50162

MarshallOfSound added a commit that referenced this pull request Mar 9, 2026
@MarshallOfSound
fix: correct parsing of second-instance additionalData
869396a 
- POSIX: validate StringToSizeT result and token count when splitting
  the socket message into argv and additionalData; previously a
  malformed message could produce incorrect slicing.
- Windows: base64-encode additionalData before embedding in the
  null-delimited wchar_t buffer. The prior reinterpret_cast approach
  dropped everything after the first aligned 0x0000 in the serialized
  payload, so complex objects could arrive truncated.

Manually backported from #50119
@MarshallOfSound MarshallOfSound mentioned this pull request Mar 9, 2026
Merged
@trop
Copy link
Copy Markdown
Contributor

trop bot commented Mar 9, 2026

@MarshallOfSound has manually backported this PR to "39-x-y", please check out #50174

MarshallOfSound added a commit that referenced this pull request Mar 9, 2026
@MarshallOfSound
fix: correct parsing of second-instance additionalData
67963d3 
- POSIX: validate StringToSizeT result and token count when splitting
  the socket message into argv and additionalData; previously a
  malformed message could produce incorrect slicing.
- Windows: base64-encode additionalData before embedding in the
  null-delimited wchar_t buffer. The prior reinterpret_cast approach
  dropped everything after the first aligned 0x0000 in the serialized
  payload, so complex objects could arrive truncated.

Manually backported from #50119
@MarshallOfSound MarshallOfSound mentioned this pull request Mar 9, 2026
Merged
@trop
Copy link
Copy Markdown
Contributor

trop bot commented Mar 9, 2026

@MarshallOfSound has manually backported this PR to "38-x-y", please check out #50177

MarshallOfSound added a commit that referenced this pull request Mar 10, 2026
@MarshallOfSound
fix: correct parsing of second-instance additionalData (#50154)
e78e2ca 
- POSIX: validate StringToSizeT result and token count when splitting
  the socket message into argv and additionalData; previously a
  malformed message could produce incorrect slicing.
- Windows: base64-encode additionalData before embedding in the
  null-delimited wchar_t buffer. The prior reinterpret_cast approach
  dropped everything after the first aligned 0x0000 in the serialized
  payload, so complex objects could arrive truncated.

Manually backported from #50119
@trop trop bot added merged/41-x-y PR was merged to the "41-x-y" branch. and removed in-flight/41-x-y labels Mar 10, 2026
VerteDinde pushed a commit that referenced this pull request Mar 10, 2026
@MarshallOfSound
fix: correct parsing of second-instance additionalData (#50177)
9ffc255 
- POSIX: validate StringToSizeT result and token count when splitting
  the socket message into argv and additionalData; previously a
  malformed message could produce incorrect slicing.
- Windows: base64-encode additionalData before embedding in the
  null-delimited wchar_t buffer. The prior reinterpret_cast approach
  dropped everything after the first aligned 0x0000 in the serialized
  payload, so complex objects could arrive truncated.

Manually backported from #50119
@trop trop bot added merged/38-x-y PR was merged to the "38-x-y" branch. and removed in-flight/38-x-y labels Mar 10, 2026
codebytere pushed a commit that referenced this pull request Mar 10, 2026
@MarshallOfSound
fix: correct parsing of second-instance additionalData (#50162)
4480c35 
- POSIX: validate StringToSizeT result and token count when splitting
  the socket message into argv and additionalData; previously a
  malformed message could produce incorrect slicing.
- Windows: base64-encode additionalData before embedding in the
  null-delimited wchar_t buffer. The prior reinterpret_cast approach
  dropped everything after the first aligned 0x0000 in the serialized
  payload, so complex objects could arrive truncated.

Manually backported from #50119
@trop trop bot added merged/40-x-y PR was merged to the "40-x-y" branch. and removed in-flight/40-x-y labels Mar 10, 2026
codebytere pushed a commit that referenced this pull request Mar 10, 2026
@MarshallOfSound
fix: correct parsing of second-instance additionalData (#50174)
db7ed2b 
- POSIX: validate StringToSizeT result and token count when splitting
  the socket message into argv and additionalData; previously a
  malformed message could produce incorrect slicing.
- Windows: base64-encode additionalData before embedding in the
  null-delimited wchar_t buffer. The prior reinterpret_cast approach
  dropped everything after the first aligned 0x0000 in the serialized
  payload, so complex objects could arrive truncated.

Manually backported from #50119
@trop trop bot added merged/39-x-y PR was merged to the "39-x-y" branch. and removed in-flight/39-x-y labels Mar 10, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@codebytere codebytere codebytere approved these changes

Assignees

No one assigned

Labels

merged/38-x-y PR was merged to the "38-x-y" branch. merged/39-x-y PR was merged to the "39-x-y" branch. merged/40-x-y PR was merged to the "40-x-y" branch. merged/41-x-y PR was merged to the "41-x-y" branch. new-pr 🌱 PR opened recently semver/patch backwards-compatible bug fixes

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@MarshallOfSound @codebytere