src: fix invalid windowBits=8 gzip segfault

`{ windowBits: 8 }` is legal for deflate streams but not gzip streams. Fix a nullptr dereference when formatting the error message. Bug introduced in commit c34eae5 ("zlib: refactor zlib internals") from September 2018. PR-URL: #33045 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Gerhard Stöbich <deb2001-github@yahoo.de> Reviewed-By: David Carlier <devnexen@gmail.com>
nodejs · Jun 7, 2020 · 642f813 · 642f813
1 parent d64dbfa
commit 642f813
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 2 deletions.
diff --git a/src/node_zlib.cc b/src/node_zlib.cc
@@ -111,7 +111,12 @@ enum node_zlib_mode {
 
 struct CompressionError {
   CompressionError(const char* message, const char* code, int err)
-    : message(message), code(code), err(err) {}
+      : message(message),
+        code(code),
+        err(err) {
+    CHECK_NOT_NULL(message);
+  }
+
   CompressionError() = default;
 
   const char* message = nullptr;
@@ -996,7 +1001,7 @@ CompressionError ZlibContext::Init(
   if (err_ != Z_OK) {
     dictionary_.clear();
     mode_ = NONE;
-    return ErrorForMessage(nullptr);
+    return ErrorForMessage("zlib error");
   }
 
   return SetDictionary();

diff --git a/test/parallel/test-zlib.js b/test/parallel/test-zlib.js
@@ -27,6 +27,13 @@ const stream = require('stream');
 const fs = require('fs');
 const fixtures = require('../common/fixtures');
 
+// Should not segfault.
+assert.throws(() => zlib.gzipSync(Buffer.alloc(0), { windowBits: 8 }), {
+  code: 'ERR_ZLIB_INITIALIZATION_FAILED',
+  name: 'Error',
+  message: 'Initialization failed',
+});
+
 let zlibPairs = [
   [zlib.Deflate, zlib.Inflate],
   [zlib.Gzip, zlib.Gunzip],