clean up

fraidev · fraidev · commit 8e3968c3c481 · 2026-03-12T18:56:41.000-03:00
diff --git a/ext/node/ops/fs.rs b/ext/node/ops/fs.rs
@@ -760,11 +760,36 @@ pub async fn op_node_rmdir(
   Ok(())
 }
 
+/// Check if a handle is managed by a non-fsFile internal Deno resource.
+/// fsFile and signal resources are allowed to be dup'd (for node:fs and
+/// native addons like node-pty). Other managed resources (SQLite, internal
+/// pipes) are denied. Unmanaged handles are allowed through.
+fn deny_internal_resource_handle(
+  state: &mut OpState,
+  handle: deno_core::ResourceHandleFd,
+) -> Result<(), FsError> {
+  for (rid, name) in state.resource_table.names() {
+    if name == "fsFile" || name == "signal" {
+      continue;
+    }
+    if matches!(
+      state.resource_table.get_handle(rid),
+      Ok(deno_core::ResourceHandle::Fd(existing)) if existing == handle
+    ) {
+      return Err(FsError::Io(std::io::Error::new(
+        std::io::ErrorKind::PermissionDenied,
+        "File descriptor is managed by an internal Deno resource",
+      )));
+    }
+  }
+  Ok(())
+}
+
 /// Create a file resource from a raw file descriptor by dup'ing it first.
 /// This is safe for cross-worker use because the dup'd fd is independently
 /// owned and can be closed without affecting the original.
 ///
-/// Safety: allows dup of fds that are either unmanaged (external: child_process
+/// Allows dup of fds that are either unmanaged (external: child_process
 /// pipes, native addons) or owned by an "fsFile" resource (opened via node:fs).
 /// Denies dup of fds managed by non-fsFile internal Deno resources (e.g.
 /// SQLite, internal pipes) to prevent unauthorized access.
@@ -790,26 +815,7 @@ fn dup_fd_impl(state: &mut OpState, fd: i32) -> Result<ResourceId, FsError> {
     )));
   }
 
-  // Check if this fd is managed by a non-fsFile internal Deno resource.
-  // fsFile resources (opened via node:fs) are safe to dup.
-  // Other managed resources (SQLite, internal pipes) are denied.
-  // Unmanaged fds (child_process, native addons) are allowed through.
-  for (rid, name) in state.resource_table.names() {
-    if name == "fsFile" || name == "signal" {
-      // node:fs and node:signal resources are allowed to be dup'd for use in
-      // native addons like node-pty
-      continue;
-    }
-    if matches!(
-      state.resource_table.get_handle(rid),
-      Ok(deno_core::ResourceHandle::Fd(existing_fd)) if existing_fd == fd
-    ) {
-      return Err(FsError::Io(std::io::Error::new(
-        std::io::ErrorKind::PermissionDenied,
-        "File descriptor is managed by an internal Deno resource",
-      )));
-    }
-  }
+  deny_internal_resource_handle(state, fd)?;
 
   // SAFETY: dup() creates a new fd pointing to the same open file description.
   let new_fd = unsafe { libc::dup(fd) };
@@ -900,24 +906,7 @@ fn dup_fd_impl(state: &mut OpState, fd: i32) -> Result<ResourceId, FsError> {
   }
   let handle = raw_handle as RawHandle;
 
-  // Check if this handle is managed by a non-fsFile internal Deno resource.
-  // fsFile resources (opened via node:fs) are safe to dup.
-  // Other managed resources (SQLite, internal pipes) are denied.
-  // Unmanaged fds (child_process, native addons) are allowed through.
-  for (rid, name) in state.resource_table.names() {
-    if name == "fsFile" || name == "signal" {
-      continue;
-    }
-    if matches!(
-      state.resource_table.get_handle(rid),
-      Ok(deno_core::ResourceHandle::Fd(existing_handle)) if existing_handle == handle
-    ) {
-      return Err(FsError::Io(std::io::Error::new(
-        std::io::ErrorKind::PermissionDenied,
-        "File descriptor is managed by an internal Deno resource",
-      )));
-    }
-  }
+  deny_internal_resource_handle(state, handle)?;
 
   // Duplicate the handle so it's independently owned and closeable.
   // SAFETY: handle is valid (checked above via get_osfhandle).
