Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit 09f25af

Browse filesBrowse files
Andre Jodat-Danbranitargos
Andre Jodat-Danbrani
authored and
targos
committed
tls: throw if protocol too long
The convertProtocols() function now throws a range error when the byte length of a protocol is too long to fit in a Buffer. Also added a test case in test/parallel/test-tls-basic-validations.js to cover this. PR-URL: #23606 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
1 parent dd5afbe commit 09f25af
Copy full SHA for 09f25af

File tree

Expand file treeCollapse file tree

3 files changed

+25
-4
lines changed
Open diff view settings
Filter options
Expand file treeCollapse file tree

3 files changed

+25
-4
lines changed
Open diff view settings
Collapse file

‎lib/internal/errors.js‎

Copy file name to clipboardExpand all lines: lib/internal/errors.js
+4-3Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -825,10 +825,11 @@ E('ERR_NO_ICU',
825825
'%s is not supported on Node.js compiled without ICU', TypeError);
826826
E('ERR_NO_LONGER_SUPPORTED', '%s is no longer supported', Error);
827827
E('ERR_OUT_OF_RANGE',
828-
(name, range, value) => {
829-
let msg = `The value of "${name}" is out of range.`;
828+
(str, range, input, replaceDefaultBoolean = false) => {
829+
let msg = replaceDefaultBoolean ? str :
830+
`The value of "${str}" is out of range.`;
830831
if (range !== undefined) msg += ` It must be ${range}.`;
831-
msg += ` Received ${value}`;
832+
msg += ` Received ${input}`;
832833
return msg;
833834
}, RangeError);
834835
E('ERR_REQUIRE_ESM', 'Must use import to load ES Module: %s', Error);
Collapse file

‎lib/tls.js‎

Copy file name to clipboardExpand all lines: lib/tls.js
+8-1Lines changed: 8 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -21,7 +21,10 @@
2121

2222
'use strict';
2323

24-
const { ERR_TLS_CERT_ALTNAME_INVALID } = require('internal/errors').codes;
24+
const {
25+
ERR_TLS_CERT_ALTNAME_INVALID,
26+
ERR_OUT_OF_RANGE
27+
} = require('internal/errors').codes;
2528
const internalUtil = require('internal/util');
2629
const internalTLS = require('internal/tls');
2730
internalUtil.assertCrypto();
@@ -60,6 +63,10 @@ function convertProtocols(protocols) {
6063
const lens = new Array(protocols.length);
6164
const buff = Buffer.allocUnsafe(protocols.reduce((p, c, i) => {
6265
var len = Buffer.byteLength(c);
66+
if (len > 255) {
67+
throw new ERR_OUT_OF_RANGE('The byte length of the protocol at index ' +
68+
`${i} exceeds the maximum length.`, '<= 255', len, true);
69+
}
6370
lens[i] = len;
6471
return p + 1 + len;
6572
}, 0));
Collapse file

‎test/parallel/test-tls-basic-validations.js‎

Copy file name to clipboardExpand all lines: test/parallel/test-tls-basic-validations.js
+13Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -102,3 +102,16 @@ common.expectsError(
102102
assert(out.ALPNProtocols.equals(Buffer.from(expectView)));
103103
}
104104
}
105+
106+
{
107+
const protocols = [(new String('a')).repeat(500)];
108+
const out = {};
109+
common.expectsError(
110+
() => tls.convertALPNProtocols(protocols, out),
111+
{
112+
code: 'ERR_OUT_OF_RANGE',
113+
message: 'The byte length of the protocol at index 0 exceeds the ' +
114+
'maximum length. It must be <= 255. Received 500'
115+
}
116+
);
117+
}

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.