ASN1_STRING_to_UTF8() passes an ASN1_STRING to ASN1_STRING_set() but forgot to
initialize the `length` field.
Fixes the following valgrind error:
$ valgrind -q --track-origins=yes --num-callers=19 \
out/Debug/node test/simple/test-tls-client-abort.js
==2690== Conditional jump or move depends on uninitialised value(s)
==2690== at 0x784B69: ASN1_STRING_set (asn1_lib.c:382)
==2690== by 0x809564: ASN1_mbstring_ncopy (a_mbstr.c:204)
==2690== by 0x8090F0: ASN1_mbstring_copy (a_mbstr.c:86)
==2690== by 0x782F1F: ASN1_STRING_to_UTF8 (a_strex.c:570)
==2690== by 0x78F090: asn1_string_canon (x_name.c:409)
==2690== by 0x78EF17: x509_name_canon (x_name.c:354)
==2690== by 0x78EA7D: x509_name_ex_d2i (x_name.c:210)
==2690== by 0x788058: ASN1_item_ex_d2i (tasn_dec.c:239)
==2690== by 0x7890D4: asn1_template_noexp_d2i (tasn_dec.c:746)
==2690== by 0x788CB6: asn1_template_ex_d2i (tasn_dec.c:607)
==2690== by 0x78877A: ASN1_item_ex_d2i (tasn_dec.c:448)
==2690== by 0x7890D4: asn1_template_noexp_d2i (tasn_dec.c:746)
==2690== by 0x788CB6: asn1_template_ex_d2i (tasn_dec.c:607)
==2690== by 0x78877A: ASN1_item_ex_d2i (tasn_dec.c:448)
==2690== by 0x787C93: ASN1_item_d2i (tasn_dec.c:136)
==2690== by 0x78F5E4: d2i_X509 (x_x509.c:141)
==2690== by 0x7C9B91: PEM_ASN1_read_bio (pem_oth.c:81)
==2690== by 0x7CA506: PEM_read_bio_X509 (pem_x509.c:67)
==2690== by 0x703C9A: node::crypto::SecureContext::AddRootCerts(v8::Arguments const&) (node_crypto.cc:497)
==2690== Uninitialised value was created by a stack allocation
==2690== at 0x782E89: ASN1_STRING_to_UTF8 (a_strex.c:560)
* valgrind complained too much about memory leaks from the V8 heap to be
useful, run it with --leak-check=no. Not ideal, needs to be revisited,
preferably with a suppression file.
* tools/run-valgrind.py didn't deal with tests that logged to stderr, rewrite
the heuristic and make valgrind write to a socket instead of stderr.
Fixes#3869.
pummel/test-net-throttle assumes that a couple of big write requests result in
some of them getting queued because the kernel's send buffer fills up.
Said assumption breaks on systems with large send buffers. Raise the size of
the write request to ameliorate the issue.
This is a back-port of commit 6770555 from the master branch.
Before this commit, DecodeWrite() mistakenly tried to convert buffers to
UTF-8 strings which:
a) produced invalid character sequences when the buffer contained
octets > 127, and
b) lead to spurious test failures because DecodeWrite() wrote less bytes
than DecodeBytes() said it would, with the remainder either containing
zeros or garbage
Fix that by simply copying the buffer's data to the target buffer when the
encoding is BINARY or by converting the buffer to a binary string when it's
UTF8 or ASCII.
Fixes#3651, #3866.
Commit 4e5fe2d changed the way how process.nextTick() works:
process.nextTick(function foo() {
process.nextTick(function bar() {
// ...
});
});
Before said commit, foo() and bar() used to run on separate event loop ticks
but that is no longer the case.
However, that's exactly the behavior that the TLS renegotiation attack guard
relies on. It gets called by OpenSSL and needs to defer the 'error' event to a
later tick because the default action is to destroy the TLS context - the same
context that OpenSSL currently operates on.
When things change underneath your feet, bad things happen and OpenSSL is no
exception. Ergo, use setImmediate() instead of process.nextTick() to ensure
that the 'error' event is actually emitted at a later tick.
Fixes#3840.
The test relied on a peculiarity of process.nextTick() that was changed in
commit 4e5fe2d. Before that commit, each nextTick callback corresponded with
the event loop moving forward one tick. That's no longer the case.
pummel/test-net-throttle assumes that a couple of big write requests result in
some of them getting queued because the kernel's send buffer fills up.
Said assumption breaks on systems with large send buffers. Raise the size of
the write request to ameliorate the issue.
Fixes a minor oversight introduced in 168a555, resulting in the following error:
fs.js:467
return fs.ftruncateSync(path, len, callback);
^
ReferenceError: callback is not defined
at Object.fs.truncateSync (fs.js:467:40)
This commit reverts the following commits (in reverse chronological order):
74d076c errnoException must be done immediately
ddb02b9 net: support Server.listen(Pipe)
085a098 cluster: do not use internal server API
d138875 net: lazy listen on handler
Commit d138875 introduced a backwards incompatible change that broke the
simple/test-net-socket-timeout and simple/test-net-lazy-listen tests - it
defers listening on the target port until the `net.Server` instance has at
least one 'connection' event listener.
The other patches had to be reverted in order to revert d138875.
Fixes#3832.
This target compiles node with "/" as the prefix and installs into a directory
like: "node-v0.8.6-darwin-x86_64". Then it creates a gzipped-tarball of that
directory, called something like: "node-v0.8.6-darwin-x86_64.tar.gz".
This "portable" mode rewrites the npm shebang to use the "node" executable
in the same directory relative to the "npm" script. This makes the "npm"
script "just work" even when "node" is not in the user's $PATH.
This mode is necessary for the precompiled binary packages that may potentially
be extracted to anywhere. The regular shebang-rewriting logic would normally
set the npm script's shebang to "/bin/node" which will not be present on anyone's
machine. In the end, we want the precompiled packages to be as user-friendly as
possible.