Skip to content

Commit

Permalink
src: CHECK() for argument overflow in Spawn()
Browse files Browse the repository at this point in the history 
This commit adds checks for overflow to args and env in Spawn().
It seems extremely unlikely that either of these values would
overflow from a valid use case.

Fixes: nodejs#15622
PR-URL: nodejs#16761
Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com>
  • Loading branch information
@cjihrig
cjihrig committed Nov 7, 2017
1 parent 90a4390 commit de1754a
Showing 1 changed file with 3 additions and 0 deletions.
3 changes: 3 additions & 0 deletions src/process_wrap.cc
View file
Expand Up @@ -185,6 +185,8 @@ class ProcessWrap : public HandleWrap {
if (!argv_v.IsEmpty() && argv_v->IsArray()) {
Local<Array> js_argv = Local<Array>::Cast(argv_v);
int argc = js_argv->Length();
CHECK_GT(argc + 1, 0); // Check for overflow.

// Heap allocate to detect errors. +1 is for nullptr.
options.args = new char*[argc + 1];
for (int i = 0; i < argc; i++) {
Expand All @@ -211,6 +213,7 @@ class ProcessWrap : public HandleWrap {
if (!env_v.IsEmpty() && env_v->IsArray()) {
Local<Array> env_opt = Local<Array>::Cast(env_v);
int envc = env_opt->Length();
CHECK_GT(envc + 1, 0); // Check for overflow.
options.env = new char*[envc + 1]; // Heap allocated to detect errors.
for (int i = 0; i < envc; i++) {
node::Utf8Value pair(env->isolate(),
Expand Down

0 comments on commit de1754a

Please sign in to comment.