New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

buffer: throw on negative .allocUnsafe() argument #7079

Closed
wants to merge 1 commit into
base: master
from

Conversation

Projects
None yet
9 participants
@addaleax
Member

addaleax commented May 31, 2016

Checklist
  • tests and code linting passes
  • a test and/or benchmark is included
  • the commit message follows commit guidelines
Affected core subsystem(s)

buffer

Description of change

Add a check for size < 0 to assertSize(), as passing a negative value almost certainly indicates a programming error.

This also lines up the behaviour of .allocUnsafe() with the ones of .alloc() and .allocUnsafeSlow() (which previously threw errors from the Uint8Array constructor).

CI: https://ci.nodejs.org/job/node-test-commit/3599/

@yorkie

View changes

lib/buffer.js Outdated
const err = new RangeError('"size" argument must not be negative');
Error.captureStackTrace(err, assertSize);
throw err;
}

This comment has been minimized.

@yorkie

yorkie May 31, 2016

Member

How about this abstraction:

function assertSize(size) {
  let err = null;
  if (typeof size !== 'number') err = new TypeError('"size" argument must be a number');
  if (size < 0) err = new RangeError('"size" argument must not be negative');
  if (err) {
    // The following hides the 'assertSize' method from the
    // callstack. This is done simply to hide the internal
    // details of the implementation from bleeding out to users.
    Error.captureStackTrace(err, assertSize);
    throw err;
  }
}

This could improve the comments for Error.captureStackTrace(err, assertSize);. :-)

This comment has been minimized.

@addaleax

addaleax May 31, 2016

Member

Updated with that, although I’m not it makes a huge difference ;)

@yorkie

View changes

test/parallel/test-buffer.js Outdated
// Check pool offset after that by trying to write string into the pool.
assert.doesNotThrow(() => Buffer.from('abc'));
}

This comment has been minimized.

@yorkie

yorkie May 31, 2016

Member

@addaleax This might make #7051's patch be not covered, is it expected and okay? if not so I think we should add another case for allocate function?

This comment has been minimized.

@addaleax

addaleax May 31, 2016

Member

@yorkie Hm, that’s probably something that’s best resolved after #6893… I’ll mark this PR as blocked until then, I guess.

This comment has been minimized.

@yorkie

yorkie May 31, 2016

Member

However the problem that I mentioned is not resolving what the #6893 resolved, it should that code in #7051 would not be tested after landing this patch, or you are saying the #6893 is going to refactor the whole implementation which would deprecate #7051?

This comment has been minimized.

@addaleax

addaleax May 31, 2016

Member

@yorkie The thing is that allocate() isn’t really exposed right now as far as I can tell, and #6893 changes lines that right now call allocUnsafe() to calling allocate()… but I’m not sure it should, so I’d like to have that sorted out before anything here.

And in general, this PR won’t be in a release until v7.0.0, so it doesn’t have to land anytime soon; @RReverser has rebased his PR a couple of times already and there’s no need to lay the burden of resolving another merge conflict upon him. :)

This comment has been minimized.

@yorkie

yorkie May 31, 2016

Member

Okay, I guess we should take a look again after #6893 gets merged, thanks for telling the detail :-)

@addaleax addaleax added the blocked label May 31, 2016

@addaleax addaleax referenced this pull request May 31, 2016

Closed

buffer: improve creation performance #6893

2 of 2 tasks complete
@ChALkeR

This comment has been minimized.

Member

ChALkeR commented Jun 1, 2016

Should this have 7.0 milestone?

@addaleax addaleax added this to the 7.0.0 milestone Jun 1, 2016

@trevnorris

This comment has been minimized.

Contributor

trevnorris commented Jun 1, 2016

Only suggestion I may have is that Buffer.alloc*() calls were being placed in test/parallel/test-buffer-alloc.js after the new API was introduced. Other than that, LGTM.

@jasnell

This comment has been minimized.

Member

jasnell commented Jun 6, 2016

Aside: we really ought to refactor the test-buffer.js and test-buffer-alloc.js to make those more sane... likely should split them into multiple individual tests.

@RReverser

View changes

lib/buffer.js Outdated
if (typeof size !== 'number')
err = new TypeError('"size" argument must be a number');
if (size < 0)

This comment has been minimized.

@RReverser

RReverser Jun 6, 2016

Member

Perhaps else if here so that it wouldn't attempt to call .valueOf etc. on objects?

This comment has been minimized.

@trevnorris

trevnorris Jun 7, 2016

Contributor

In this case might as well add the test

assert.throws(() => Buffer.alloc({ valueOf: () => -1 }), /"size" argument must be a number/);

or swapping them would achieve the same logical effect.

@addaleax addaleax removed the blocked label Jun 8, 2016

@addaleax addaleax force-pushed the addaleax:buffer-negative-allocunsafe-throw branch Jun 8, 2016

@addaleax

This comment has been minimized.

Member

addaleax commented Jun 8, 2016

Updated with everyone’s comments, new CI: https://ci.nodejs.org/job/node-test-commit/3693/

@ChALkeR

This comment has been minimized.

Member

ChALkeR commented Jun 8, 2016

LGTM

1 similar comment
@cjihrig

This comment has been minimized.

Contributor

cjihrig commented Jun 8, 2016

LGTM

@addaleax addaleax force-pushed the addaleax:buffer-negative-allocunsafe-throw branch Aug 4, 2016

@addaleax

This comment has been minimized.

Member

addaleax commented Aug 4, 2016

Rebased, new CI: https://ci.nodejs.org/job/node-test-commit/4408/

I’ll land this some time in the next couple of days.

@jasnell

This comment has been minimized.

Member

jasnell commented Aug 4, 2016

LGTM

@ChALkeR

This comment has been minimized.

Member

ChALkeR commented Aug 5, 2016

Just to clarify: this now also throws on negative Buffer(number), because that does Buffer.allocUnsafe(number). That should be also noted in the changelog, I suppose.

@jasnell

This comment has been minimized.

Member

jasnell commented Aug 5, 2016

Good catch. +1

@ChALkeR

This comment has been minimized.

Member

ChALkeR commented Aug 5, 2016

Hm. @jasnell, per #7964 do we want to hard-deprecate this first or not?

@jasnell

This comment has been minimized.

Member

jasnell commented Aug 5, 2016

Excellent question! To be honest I don't know. What do you think?
@nodejs/ctc...
Thoughts?

On Thursday, August 4, 2016, Сковорода Никита Андреевич <
notifications@github.com> wrote:

Hm. @jasnell https://github.com/jasnell, per #7964
#7964 do we want to hard-deprecate
this first or not?


You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
#7079 (comment), or mute
the thread
https://github.com/notifications/unsubscribe-auth/AAa2ecrWOnS-dbSA8zliVwTg7G-z3e8zks5qcstzgaJpZM4Iqyya
.

@mscdex

This comment has been minimized.

Contributor

mscdex commented Aug 5, 2016

I think I'd be more in favor of just landing in v7.

@ChALkeR

This comment has been minimized.

Member

ChALkeR commented Aug 5, 2016

I'm ok with both and this still LGTM =).

@jasnell

This comment has been minimized.

Member

jasnell commented Aug 5, 2016

Works for me also.

@yorkie

This comment has been minimized.

Member

yorkie commented Aug 5, 2016

LGTM

buffer: throw on negative .allocUnsafe() argument
Add a check for `size < 0` to `assertSize()`, as passing a negative
value almost certainly indicates a programming error.

This also lines up the behaviour of `.allocUnsafe()` with the ones
of `.alloc()` and `.allocUnsafeSlow()` (which previously threw errors
from the Uint8Array constructor).

Notably, this also affects `Buffer()` calls with negative arguments.

@addaleax addaleax force-pushed the addaleax:buffer-negative-allocunsafe-throw branch to be32633 Aug 8, 2016

addaleax added a commit that referenced this pull request Aug 8, 2016

buffer: throw on negative .allocUnsafe() argument
Add a check for `size < 0` to `assertSize()`, as passing a negative
value almost certainly indicates a programming error.

This also lines up the behaviour of `.allocUnsafe()` with the ones
of `.alloc()` and `.allocUnsafeSlow()` (which previously threw errors
from the Uint8Array constructor).

Notably, this also affects `Buffer()` calls with negative arguments.

PR-URL: #7079
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
Reviewed-By: Сковорода Никита Андреевич <chalkerx@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Yorkie Liu <yorkiefixer@gmail.com>
@addaleax

This comment has been minimized.

Member

addaleax commented Aug 8, 2016

I’ve gone ahead and landed this in 8f90dcc since there seems to be agreement that this can safely go into v7.

@addaleax addaleax closed this Aug 8, 2016

@addaleax addaleax deleted the addaleax:buffer-negative-allocunsafe-throw branch Aug 8, 2016

@LinusU

This comment has been minimized.

Contributor

LinusU commented Aug 18, 2016

The docs was not updated with this PR, was that intentional or would a PR for docs be welcome?

@jasnell

This comment has been minimized.

Member

jasnell commented Aug 18, 2016

@LinusU ... doc changes are always helpful!

@jasnell jasnell referenced this pull request Oct 14, 2016

Closed

v7.0.0 Proposal #9099

jasnell added a commit to jasnell/node that referenced this pull request Oct 24, 2016

2016-10-25, Version 7.0.0 (Current)
Notable Changes:

* Buffer
  * Passing invalid input to Buffer.byteLength will now throw an error [nodejs#8946](nodejs#8946).
  * Calling Buffer without new is now deprecated and will emit a process warning [nodejs#8169](nodejs#8169).
  * Passing a negative number to allocUnsafe will now throw an error [nodejs#7079](nodejs#7079).
* Child Process
  * The fork and execFile methods now have stronger argument validation [nodejs#7399](nodejs#7399).
* Cluster
  * The worker.suicide method is deprecated and will emit a process warning [nodejs#3747](nodejs#3747).
* Deps
  * V8 has been updated to 5.4.500.36 [nodejs#8317](nodejs#8317), [nodejs#8852](nodejs#8852), [nodejs#9253](nodejs#9253).
  * NODE_MODULE_VERSION has been updated to 51 [nodejs#8808](nodejs#8808).
* File System
  * A process warning is emitted if a callback is not passed to async file system methods [nodejs#7897](nodejs#7897).
* Intl
  * Intl.v8BreakIterator constructor has been deprecated and will emit a process warning [nodejs#8908](nodejs#8908).
* Promises
  * Unhandled Promise rejections have been deprecated and will emit a process warning [nodejs#8217](nodejs#8217).
* Punycode
  * The `punycode` module has been deprecated [nodejs#7941](nodejs#7941).
* URL
  * An Experimental WHATWG URL Parser has been introduced [nodejs#7448](nodejs#7448).

jasnell added a commit that referenced this pull request Oct 25, 2016

2016-10-25, Version 7.0.0 (Current)
Notable Changes:

* Buffer
  * Passing invalid input to Buffer.byteLength will now throw an error [#8946](#8946).
  * Calling Buffer without new is now deprecated and will emit a process warning [#8169](#8169).
  * Passing a negative number to allocUnsafe will now throw an error [#7079](#7079).
* Child Process
  * The fork and execFile methods now have stronger argument validation [#7399](#7399).
* Cluster
  * The worker.suicide method is deprecated and will emit a process warning [#3747](#3747).
* Deps
  * V8 has been updated to 5.4.500.36 [#8317](#8317), [#8852](#8852), [#9253](#9253).
  * NODE_MODULE_VERSION has been updated to 51 [#8808](#8808).
* File System
  * A process warning is emitted if a callback is not passed to async file system methods [#7897](#7897).
* Intl
  * Intl.v8BreakIterator constructor has been deprecated and will emit a process warning [#8908](#8908).
* Promises
  * Unhandled Promise rejections have been deprecated and will emit a process warning [#8217](#8217).
* Punycode
  * The `punycode` module has been deprecated [#7941](#7941).
* URL
  * An Experimental WHATWG URL Parser has been introduced [#7448](#7448).

PR-URL: #9099

jasnell added a commit that referenced this pull request Oct 25, 2016

2016-10-25, Version 7.0.0 (Current)
Notable Changes:

* Buffer
  * Passing invalid input to Buffer.byteLength will now throw an error [#8946](#8946).
  * Calling Buffer without new is now deprecated and will emit a process warning [#8169](#8169).
  * Passing a negative number to allocUnsafe will now throw an error [#7079](#7079).
* Child Process
  * The fork and execFile methods now have stronger argument validation [#7399](#7399).
* Cluster
  * The worker.suicide method is deprecated and will emit a process warning [#3747](#3747).
* Deps
  * V8 has been updated to 5.4.500.36 [#8317](#8317), [#8852](#8852), [#9253](#9253).
  * NODE_MODULE_VERSION has been updated to 51 [#8808](#8808).
* File System
  * A process warning is emitted if a callback is not passed to async file system methods [#7897](#7897).
* Intl
  * Intl.v8BreakIterator constructor has been deprecated and will emit a process warning [#8908](#8908).
* Promises
  * Unhandled Promise rejections have been deprecated and will emit a process warning [#8217](#8217).
* Punycode
  * The `punycode` module has been deprecated [#7941](#7941).
* URL
  * An Experimental WHATWG URL Parser has been introduced [#7448](#7448).

PR-URL: #9099

imyller added a commit to imyller/meta-nodejs that referenced this pull request Oct 25, 2016

2016-10-25, Version 7.0.0 (Current)
    Notable Changes:

    * Buffer
      * Passing invalid input to Buffer.byteLength will now throw an error [#8946](nodejs/node#8946).
      * Calling Buffer without new is now deprecated and will emit a process warning [#8169](nodejs/node#8169).
      * Passing a negative number to allocUnsafe will now throw an error [#7079](nodejs/node#7079).
    * Child Process
      * The fork and execFile methods now have stronger argument validation [#7399](nodejs/node#7399).
    * Cluster
      * The worker.suicide method is deprecated and will emit a process warning [#3747](nodejs/node#3747).
    * Deps
      * V8 has been updated to 5.4.500.36 [#8317](nodejs/node#8317), [#8852](nodejs/node#8852), [#9253](nodejs/node#9253).
      * NODE_MODULE_VERSION has been updated to 51 [#8808](nodejs/node#8808).
    * File System
      * A process warning is emitted if a callback is not passed to async file system methods [#7897](nodejs/node#7897).
    * Intl
      * Intl.v8BreakIterator constructor has been deprecated and will emit a process warning [#8908](nodejs/node#8908).
    * Promises
      * Unhandled Promise rejections have been deprecated and will emit a process warning [#8217](nodejs/node#8217).
    * Punycode
      * The `punycode` module has been deprecated [#7941](nodejs/node#7941).
    * URL
      * An Experimental WHATWG URL Parser has been introduced [#7448](nodejs/node#7448).

Signed-off-by: Ilkka Myller <ilkka.myller@nodefield.com>

@joyeecheung joyeecheung referenced this pull request Dec 6, 2016

Closed

doc: buffer allocation methods throw for negative size #10151

2 of 2 tasks complete

@gibfahn gibfahn referenced this pull request Jun 15, 2017

Closed

Auditing for 6.11.1 #230

2 of 3 tasks complete
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment