New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

lib,src: reset zero fill flag on exception #7093

Merged
merged 2 commits into from Jun 2, 2016

Conversation

Projects
None yet
5 participants
@bnoordhuis
Member

bnoordhuis commented Jun 1, 2016

R=@ChALkeR. I had to apply a small style fix-up to stop the linter from complaining.

I'm tagging this dont-land-on-anything but the test probably should be backported.

CI: https://ci.nodejs.org/job/node-test-pull-request/2891/

@jasnell

This comment has been minimized.

Member

jasnell commented Jun 1, 2016

LGTM.
@ChALkeR ... my apologies for missing the removal of the try/catch in the original PR. I saw the green CI and had incorrectly assumed that a test covering this was already being run.

@ChALkeR

This comment has been minimized.

Member

ChALkeR commented Jun 1, 2016

@bnoordhuis

I had to apply a small style fix-up to stop the linter from complaining.

If it's about missing ;, I believe I fixed that already in the original PR. If not — what was it?

@bnoordhuis

This comment has been minimized.

Member

bnoordhuis commented Jun 1, 2016

Yes, the missing semicolon.

@ChALkeR ChALkeR referenced this pull request Jun 1, 2016

Closed

Revert 7082 #7092

try {
var ui8 = new Uint8Array(size);
} finally {
if (noZeroFill)

This comment has been minimized.

@ChALkeR

ChALkeR Jun 1, 2016

Member

Is an extra if needed here?

This comment has been minimized.

@bnoordhuis

bnoordhuis Jun 1, 2016

Member

'Needed', no, but I added it for symmetry with the check above and because it saves a bounds check.

This comment has been minimized.

@ChALkeR

ChALkeR Jun 1, 2016

Member

@bnoordhuis Ah, that makes sense. Thanks!

@ChALkeR

This comment has been minimized.

Member

ChALkeR commented Jun 1, 2016

Originally, that code looked like

flags[kNoZeroFill] = noZeroFill ? 1 : 0;
try {
  const ui8 = new Uint8Array(size);
  Object.setPrototypeOf(ui8, Buffer.prototype);
  return ui8;
} finally {
  flags[kNoZeroFill] = 0;
}

That way, we can keep it const. It's not important, though.

LGTM, thanks!

@ChALkeR

This comment has been minimized.

Member

ChALkeR commented Jun 1, 2016

@jasnell It was my fault that the testcase was missing. I opened a separate issue to share my considerations about publishing testcases for security issues and to discuss how that should be done.

@ChALkeR ChALkeR referenced this pull request Jun 1, 2016

Closed

buffer: improve creation performance #6893

2 of 2 tasks complete
@ChALkeR

This comment has been minimized.

Member

ChALkeR commented Jun 1, 2016

Ah. @bnoordhuis, the first commit here misses a description.

dd67608 has an explanation why that try-finally was introduced.

// Test failed or zero-sized Buffer allocations not affecting typed arrays
{
const zeroArray = new Uint32Array(10).fill(0);

This comment has been minimized.

@trevnorris

trevnorris Jun 1, 2016

Contributor

is the .fill(0) just precautionary in case it hasn't been properly zero filled?

This comment has been minimized.

@ChALkeR

ChALkeR Jun 2, 2016

Member

This testcase ensures that typed arrays are zero filled, by comparing them to a typed array that is surely zero-filled.

If something breaks and typed arrays become non zero filled, then this testcase should fail. Without .fill(0) a change where this and following typed arrays become filled with equivalent garbage (e.g. with a constant number due to some of the previous tests) will slip through.

This comment has been minimized.

@trevnorris

trevnorris Jun 2, 2016

Contributor

Sure. But

a change where this and following typed arrays become filled with equivalent garbage

the two allocations would need to be filled with exactly the same garbage, for several allocations. Though I see what you're getting at.

@trevnorris

This comment has been minimized.

Contributor

trevnorris commented Jun 1, 2016

LGTM.

zero_fill_field_ = 1;
return malloc(size);
else
return malloc(size);

This comment has been minimized.

@RReverser

RReverser Jun 1, 2016

Member

Can't we just reset zero-flag here instead of delegating to JS side, right before the malloc so that allocation exception couldn't happen yet? This would lead to less changes + would avoid try-catch deopt in createBuffer.

This comment has been minimized.

@trevnorris

trevnorris Jun 2, 2016

Contributor

That was my initial implementation. Problem is if new Uint8Array() for some reason throws it'll stay flipped.

This comment has been minimized.

@ChALkeR

ChALkeR Jun 2, 2016

Member

Not sure of that. try-finally also checks that no non-failing shortcuts (that return an empty array) result in the flag not being reset.

Do you have an example that passes the tests here?

This comment has been minimized.

@trevnorris

trevnorris Jun 2, 2016

Contributor

@ChALkeR Are you addressing my comment? I'm saying I reset the bit in C++ and I believe you were the one that realized the bit can be flipped and remain flipped if the allocation fails.

This comment has been minimized.

@ChALkeR

ChALkeR Jun 2, 2016

Member

@trevnorris No, somewhy I didn't see your comment and was adressing @RReverser comment.

bnoordhuis and others added some commits Jun 1, 2016

lib,src: reset zero fill flag on exception
Exceptions thrown from the Uint8Array constructor would leave it
disabled.

Regression introduced in commit 27e84dd ("lib,src: clean up
ArrayBufferAllocator") from two days ago.  A follow-up commit
will add a regression test.

PR-URL: #7093
Reviewed-By: Сковорода Никита Андреевич <chalkerx@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
test: add buffer testcase for resetting kZeroFill
Test failed or zero-sized Buffer allocations not affecting subsequent
creations of typed arrays.

PR-URL: #7093
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Trevor Norris <trev.norris@gmail.com>

@bnoordhuis bnoordhuis force-pushed the bnoordhuis:reset-zero-fill branch to fea3070 Jun 2, 2016

@bnoordhuis bnoordhuis closed this Jun 2, 2016

@bnoordhuis bnoordhuis deleted the bnoordhuis:reset-zero-fill branch Jun 2, 2016

@bnoordhuis bnoordhuis merged commit fea3070 into nodejs:master Jun 2, 2016

@bnoordhuis

This comment has been minimized.

Member

bnoordhuis commented Jun 2, 2016

Landed with expanded commit log in 3549a5e...fea3070.

@gibfahn gibfahn referenced this pull request Jun 15, 2017

Closed

Auditing for 6.11.1 #230

2 of 3 tasks complete
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment