Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

lib: remove the comment of base64 validation #29201

Closed
wants to merge 1 commit into from
Closed

lib: remove the comment of base64 validation #29201

wants to merge 1 commit into from

Conversation

SEWeiTung
Copy link

@SEWeiTung SEWeiTung commented Aug 19, 2019
edited
Loading

Since there's a comment about the 'base64' validation needed, and this will result in a breaking change, so this should be removed.

  • make -j4 test (UNIX), or vcbuild test (Windows) passes
  • tests and/or benchmarks are included
  • documentation is changed or added
  • commit message follows commit guidelines

cjihrig
cjihrig reviewed Aug 19, 2019
View reviewed changes
lib/internal/validators.js Outdated Show resolved Hide resolved
lib/internal/validators.js Outdated Show resolved Hide resolved
mscdex
mscdex previously requested changes Aug 19, 2019
View reviewed changes
Copy link
Contributor

@mscdex mscdex left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Using a regex slows the cipher/hash update()s considerably (at least by half for a 1024 character string in my quick benchmarking). I think simply adding a length check would suffice.

If we wanted to be extra strict, we could check the number of bytes written in the C++ layer or something to help determine how valid the base64 string was, provided it didn't cause a serious performance regression.

@SEWeiTung
Copy link
Author

@mscdex and @cjihrig,Thanks for suggestions and here's the fixture for them.

@addaleax addaleax added semver-major PRs that contain breaking changes and should be released in the next major version. buffer Issues and PRs related to the buffer subsystem. labels Aug 20, 2019
@addaleax
Copy link
Member

I’m sorry but I’m -1, this is a major breaking change that has the potential to break a lot of code with little benefit, we just shouldn’t do it at all imo.

@bnoordhuis
Copy link
Member

Then we should just remove the comment or replace it with a comment explaining why we're not doing validation? FWIW, I agree with Anna's assessment.

@SEWeiTung SEWeiTung changed the title lib: add the missing validation for 'base64' lib: remove the comment of base64 validation Aug 21, 2019
lib: remove the comment of base64 validation
be73257 
Since there's a comment about the 'base64' validation needed, and this
will result in a breaking change, so this should be removed.
@SEWeiTung
Copy link
Author

@addaleax,OK, I've removed this comment to keep it clear.

@mscdex mscdex removed the semver-major PRs that contain breaking changes and should be released in the next major version. label Aug 21, 2019
@Trott
Copy link
Member

Trott commented Aug 21, 2019

@mscdex Are you OK with removing the comment?

@MaledongGit It may be better/easier to close this and open this simple change as a new PR.

/ping @bnoordhuis

@mscdex mscdex dismissed their stale review August 22, 2019 03:26

PR changed

@nodejs-github-bot
Copy link
Collaborator

CI: https://ci.nodejs.org/job/node-test-pull-request/25193/

@Trott Trott added the author ready PRs that have at least one approval, no pending requests for changes, and a CI started. label Aug 23, 2019
@nodejs-github-bot
Copy link
Collaborator

CI: https://ci.nodejs.org/job/node-test-pull-request/25199/

antsmartian pushed a commit that referenced this pull request Aug 24, 2019
@antsmartian
lib: remove the comment of base64 validation
d5c3837 
Since there's a comment about the 'base64' validation needed, and this
will result in a breaking change, so this should be removed.

PR-URL: #29201
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Anto Aravinth <anto.aravinth.cse@gmail.com>
@antsmartian
Copy link
Contributor

Landed in d5c3837 🎉 🎉 🎉 🎉

@SEWeiTung SEWeiTung deleted the NewBase64Check branch August 24, 2019 05:15
@BethGriggs BethGriggs mentioned this pull request Oct 21, 2019
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cjihrig cjihrig cjihrig left review comments

@antsmartian antsmartian antsmartian approved these changes

@addaleax addaleax addaleax approved these changes

@jasnell jasnell jasnell approved these changes

@bnoordhuis bnoordhuis bnoordhuis approved these changes

@mscdex mscdex mscdex left review comments

Assignees
No one assigned
Labels
author ready PRs that have at least one approval, no pending requests for changes, and a CI started. buffer Issues and PRs related to the buffer subsystem.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
10 participants
@SEWeiTung @addaleax @bnoordhuis @Trott @nodejs-github-bot @antsmartian @mscdex @jasnell @cjihrig @targos