Nodejs/node
1
0
Fork 0
mirror of https://github.com/nodejs/node.git synced 2024-11-21 10:59:27 +00:00
Code Issues Actions 25 Packages Projects Releases Wiki Activity

tls: copy the Buffer object before using

Browse Source 
`convertNPNProtocols` and `convertALPNProtocols' uses the `protocols`
buffer object as it is, and if it is modified outside of core, it
might have an impact. This patch makes a copy of the buffer object,
before using it.

PR-URL: https://github.com/nodejs/node/pull/8055
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Franziska Hinkelmann <franziska.hinkelmann@gmail.com>
This commit is contained in:
Sakthipriyan Vairamani 2016-08-11 00:46:06 +05:30 committed by James M Snell
parent 0441f2adb4
commit 60dcd7323f
2 changed files with 25 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
lib/tls.js
View File

@ -49,22 +49,19 @@ function convertProtocols(protocols) {
exports.convertNPNProtocols = function(protocols, out) {
// If protocols is Array - translate it into buffer
if (Array.isArray(protocols)) {
protocols = convertProtocols(protocols);
}
// If it's already a Buffer - store it
if (protocols instanceof Buffer) {
out.NPNProtocols = protocols;
out.NPNProtocols = convertProtocols(protocols);
} else if (protocols instanceof Buffer) {
// Copy new buffer not to be modified by user.
out.NPNProtocols = Buffer.from(protocols);
}
};
exports.convertALPNProtocols = function(protocols, out) {
// If protocols is Array - translate it into buffer
if (Array.isArray(protocols)) {
protocols = convertProtocols(protocols);
}
// If it's already a Buffer - store it
if (protocols instanceof Buffer) {
// copy new buffer not to be modified by user
out.ALPNProtocols = convertProtocols(protocols);
} else if (protocols instanceof Buffer) {
// Copy new buffer not to be modified by user.
out.ALPNProtocols = Buffer.from(protocols);
}
};

18
test/parallel/test-tls-basic-validations.js
View File

@ -38,3 +38,21 @@ assert.throws(() => tls.createServer({ticketKeys: new Buffer(0)}),
assert.throws(() => tls.createSecurePair({}),
/Error: First argument must be a tls module SecureContext/);
{
const buffer = Buffer.from('abcd');
const out = {};
tls.convertALPNProtocols(buffer, out);
out.ALPNProtocols.write('efgh');
assert(buffer.equals(Buffer.from('abcd')));
assert(out.ALPNProtocols.equals(Buffer.from('efgh')));
}
{
const buffer = Buffer.from('abcd');
const out = {};
tls.convertNPNProtocols(buffer, out);
out.NPNProtocols.write('efgh');
assert(buffer.equals(Buffer.from('abcd')));
assert(out.NPNProtocols.equals(Buffer.from('efgh')));
}