Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

'buffer.Buffer.prototype.lastIndexOf' results in an abort #32753

Closed
zyscoder opened this issue Apr 10, 2020 · 0 comments
Closed

'buffer.Buffer.prototype.lastIndexOf' results in an abort #32753

zyscoder opened this issue Apr 10, 2020 · 0 comments
Labels
buffer Issues and PRs related to the buffer subsystem. confirmed-bug Issues with confirmed bugs.

Comments

@zyscoder
Copy link

  • Version: v12.16.0
  • Platform: Linux vul337 4.15.0-91-generic new design of error handling #92-Ubuntu SMP Fri Feb 28 11:09:48 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
  • Subsystem: buffer

What steps will reproduce the bug?

Directly run the following code snippet using node:

let buffer = require('buffer');
new buffer.Buffer.prototype.lastIndexOf(1, 'str');

It is worth noting that the following code would not cause this abort:

new  require('buffer').Buffer.prototype.lastIndexOf(1, 'str');

Thus we doubt there may be something wrong in somewhere.

How often does it reproduce? Is there a required condition?

No. This potential bug can always be reproduced.

What is the expected behavior?

This is a misuse of 'buffer.Buffer.prototype.lastIndexOf'. The function should throw an exception or other similar error-reporting stuff rather than crash the whole nodejs process.

What do you see instead?

This is the stack dump produced during abort:

./node[40968]: ../src/node_buffer.cc:1014:void node::Buffer::(anonymous namespace)::IndexOfNumber(const FunctionCallbackInfo<v8::Value> &): Assertion `args[2]->IsNumber()' failed.
 1: 0x13f9b30 node::Abort() [./node]
 2: 0x13f9709  [./node]
 3: 0x13b765e  [./node]
 4: 0x17b379c v8::internal::FunctionCallbackArguments::Call(v8::internal::CallHandlerInfo) [./node]
 5: 0x17b23d5  [./node]
 6: 0x17b1092  [./node]
 7: 0x2717a59  [./node]
[2]    40968 abort      ./node

Additional information

@bnoordhuis bnoordhuis added buffer Issues and PRs related to the buffer subsystem. confirmed-bug Issues with confirmed bugs. labels Apr 10, 2020
@Flarna Flarna closed this as completed in aa34465 Apr 13, 2020
BethGriggs pushed a commit that referenced this issue Apr 14, 2020
Add a type check in bidirectionalIndexOf to avoid using something else
as Buffer. This may happen if e.g. lastIndexOf is called with invalid
this.

PR-URL: #32770
Fixes: #32753
Fixes: #32747
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Yongsheng Zhang <zyszys98@gmail.com>
targos pushed a commit to targos/node that referenced this issue Apr 25, 2020
Add a type check in bidirectionalIndexOf to avoid using something else
as Buffer. This may happen if e.g. lastIndexOf is called with invalid
this.

PR-URL: nodejs#32770
Fixes: nodejs#32753
Fixes: nodejs#32747
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Yongsheng Zhang <zyszys98@gmail.com>
BridgeAR pushed a commit that referenced this issue Apr 28, 2020
Add a type check in bidirectionalIndexOf to avoid using something else
as Buffer. This may happen if e.g. lastIndexOf is called with invalid
this.

PR-URL: #32770
Fixes: #32753
Fixes: #32747
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Yongsheng Zhang <zyszys98@gmail.com>
targos pushed a commit that referenced this issue Apr 28, 2020
Add a type check in bidirectionalIndexOf to avoid using something else
as Buffer. This may happen if e.g. lastIndexOf is called with invalid
this.

PR-URL: #32770
Fixes: #32753
Fixes: #32747
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Yongsheng Zhang <zyszys98@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
buffer Issues and PRs related to the buffer subsystem. confirmed-bug Issues with confirmed bugs.
Projects
None yet
Development

Successfully merging a pull request may close this issue.

2 participants