Browse Source

http: assert parser.consume argument's type

Unchecked argument conversion in Parser::Consume crashes node
in an slightly undesirable manner - 'unreachable code' in parser.

Make sure we validate the incoming type at the earliest point.

PR-URL: https://github.com/nodejs/node/pull/12288
Fixes: https://github.com/nodejs/node/issues/12178
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Alexey Orlenko <eaglexrlnk@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Santiago Gimeno <santiago.gimeno@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Refael Ackermann <refack@gmail.com>
v6
Gireesh Punathil 8 years ago
committed by Refael Ackermann
parent
commit
efab7847c6
  1. 1
      src/node_http_parser.cc
  2. 28
      test/abort/test-http-parser-consume.js

1
src/node_http_parser.cc

@ -496,6 +496,7 @@ class Parser : public AsyncWrap {
static void Consume(const FunctionCallbackInfo<Value>& args) {
Parser* parser;
ASSIGN_OR_RETURN_UNWRAP(&parser, args.Holder());
CHECK(args[0]->IsExternal());
Local<External> stream_obj = args[0].As<External>();
StreamBase* stream = static_cast<StreamBase*>(stream_obj->Value());
CHECK_NE(stream, nullptr);

28
test/abort/test-http-parser-consume.js

@ -0,0 +1,28 @@
'use strict';
const common = require('../common');
const assert = require('assert');
const http = require('http');
const spawn = require('child_process').spawn;
if (process.argv[2] === 'child') {
const server = http.createServer(common.mustCall((req, res) => {
res.end('hello');
}));
server.listen(0, common.mustCall((s) => {
const rr = http.get(
{ port: server.address().port },
common.mustCall((d) => {
// This bad input (0) should abort the parser and the process
rr.parser.consume(0);
server.close();
}));
}));
} else {
const child = spawn(process.execPath, [__filename, 'child'],
{ stdio: 'inherit' });
child.on('exit', common.mustCall((code, signal) => {
assert(common.nodeProcessAborted(code, signal),
'process should have aborted, but did not');
}));
}
Loading…
Cancel
Save