Popen used in a way that may cause deadlock

[ekoyle]

I noticed a minor issue here: https://github.com/zeek/package-manager/blob/da77d8f97f0400852a69bc070ee0ca2ad5c3f8c4/zeekpkg/manager.py#L2748-L2786

This pattern will cause a deadlock if the child process writes enough to stdout to fill the buffer and block.

p = subprocess.Popen(..., stdout=subrpocess.PIPE, stderr=subprocess.PIPE)

# read p.sdterr until EOF
while True:
    # this read() may cause a deadlock as the stdout pipe could fill, causing the child process
    # to block forever on a write to stdout while the parent process is blocking on this read
    # and therefore not reading from p.stdout
    data = p.stderr.read(bufsize)

    if data:
        f.write(data)
    else:
        break

# read p.stdout until EOF
...

It is recommended to use Popen.communicate() to safely handle cases where subprocess.PIPE is used in a Popen (especially more than once) to avoid this issue. If you must read directly from more than one pipe, then epoll(), select(), or similar should be used to avoid blocking reads which could result in a deadlock.