No reason to install access checks if they're always going to return
true.
PR-URL: https://github.com/nodejs/io.js/pull/1773
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
New Buffer implementation allows greater than kMaxLength to be created.
So instead check if the passed value is a valid Smi.
PR-URL: https://github.com/nodejs/io.js/pull/1825
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Address comments and deprecations left in source files. These changes
include:
* Remove the deprecated API.
* Change Buffer::New() that did a copy of the data to Buffer::Copy()
* Change Buffer::Use() to Buffer::New()
PR-URL: https://github.com/nodejs/io.js/pull/1825
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Instead of aborting in case of internal failure, return an empty
Local<Object>. Using the MaybeLocal<T> API, users must check their
return values.
PR-URL: https://github.com/nodejs/io.js/pull/1825
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Passing a FreeCallback to Buffer::New() now uses externalized
ArrayBuffer's.
PR-URL: https://github.com/nodejs/io.js/pull/1825
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
With V8 4.4 removing the external array data API currently used by
Buffer, the new implementation uses the Uint8Array to back Buffer.
Buffers now have a maximum size of Smi::kMaxLength, as defined by V8.
Which is ~2 GB on 64 bit and ~1 GB on 32 bit.
The flag --use-old-buffer allows using the old Buffer implementation.
This flag will be removed once V8 4.4 has landed.
The two JS Buffer implementations have been split into two files for
simplicity.
Use getter to return expected .parent/.offset values for backwards
compatibility.
PR-URL: https://github.com/nodejs/io.js/pull/1825
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Allowing the name to be passed to the ARGS_THIS macro will make it
easier to share code with the Uint8Array implementation.
PR-URL: https://github.com/nodejs/io.js/pull/1825
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Record the start time so we can make the return value of Timer.now()
relative to it, increasing the chances that it fits in a tagged integer
instead of a heap-allocated double, at least for the first one or two
billion milliseconds.
PR-URL: https://github.com/nodejs/io.js/pull/2256
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
These two lines exist because of a screw up on my part while combining
MakeCallback() and MakeDomainCallback().
The reason it never broke core tests is because any paths it would have
broken were rerouted to AsyncWrap::MakeCallback(). The only case that
node::MakeCallback() handles anymore is setImmediate().
Fix: a1da024 "node, async-wrap: remove MakeDomainCallback"
PR-URL: https://github.com/nodejs/io.js/pull/2157
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Make the inner loop execute fewer compare-and-branch executions per
processed byte, resulting in a 50% or more speedup.
This coincidentally fixes an out-of-bounds read:
while (unbase64(*src) < 0 && src < srcEnd)
Should have read:
while (src < srcEnd && unbase64(*src) < 0)
But this commit removes the offending code altogether.
Fixes: https://github.com/nodejs/io.js/issues/2166
PR-URL: https://github.com/nodejs/io.js/pull/2193
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
- This makes v8 add .trace_function_info to the serialized form of
snapshots from v8::HeapSnapshot::Serialize
- .trace_funciton_info combined with .trace_node in snapshots tells the
JS location that allocated a specific object
PR-URL: https://github.com/nodejs/io.js/pull/2135
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
Notable changes
* deps: Fixed an out-of-band write in utf8 decoder.
This is an important security update as it can be used to cause a
denial of service attack.
Notable changes
build:
- Added support for compiling with Microsoft Visual C++ 2015
- Started building and distributing headers-only tarballs along with binaries
Queued write requests should be invoked on handle close, otherwise the
"consumer" might be already destroyed when the write callbacks of the
"consumed" handle will be invoked. Same applies to the shutdown
requests.
Make sure to "move" away socket from server to not break the
`connections` counter in `net.js`. Otherwise it might not call `close`
callback, or call it too early.
Fix: https://github.com/iojs/io.js/issues/1696
PR-URL: https://github.com/nodejs/io.js/pull/1910
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
3beb880716 has a bug in VerifyCallback
when preverify is 1 and the cert chain has an verify error. If the
error is UNABLE_TO_GET_ISSUER_CERT_LOCALLY, it leads an assertion
error in finding rootCA.
The whitelist check should be made only when the cert chain has no
verify error with X509_V_OK.
Fixes: https://github.com/nodejs/io.js/issues/2061
PR-URL: https://github.com/nodejs/io.js/pull/2064
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
this opts for stream.push('') which has the same effect
but uses a public API.
PR-URL: https://github.com/nodejs/io.js/pull/454
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
If an object's prototype is munged it's possible to bypass the
instanceof check and cause the application to abort. Instead now use
HasInstance() to verify that the object is a Buffer, and throw if not.
This check will not work for JS only methods. So while the application
won't abort, it also won't throw.
In order to properly throw in all cases with toString() the JS
optimization of checking that length is zero has been removed. In its
place the native methods will now return early if a zero length string
is detected.
Ref: https://github.com/nodejs/io.js/pull/1486
Ref: https://github.com/nodejs/io.js/pull/1922
Fixes: https://github.com/nodejs/io.js/issues/1485
PR-URL: https://github.com/nodejs/io.js/pull/2012
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
PR-URL: https://github.com/nodejs/io.js/pull/1996
Notable changes
* module: The number of syscalls made during a require() have been
significantly reduced again (see #1801 from v2.2.0 for previous
work), which should lead to a performance improvement
(Pierre Inglebert) #1920.
* npm:
- Upgrade to v2.11.2 (Rebecca Turner) #1956.
- Upgrade to v2.11.3 (Forrest L Norvell) #2018.
* zlib: A bug was discovered where the process would abort if the
final part of a zlib decompression results in a buffer that would
exceed the maximum length of 0x3fffffff bytes (~1GiB). This was
likely to only occur during buffered decompression (rather than
streaming). This is now fixed and will instead result in a thrown
RangeError (Michaël Zasso) #1811.
Re-add the wrapper class id to AsyncWrap instances so they can be
tracked directly in a heapdump.
Previously the class id was given without setting the heap dump wrapper
class info provider. Causing a segfault when a heapdump was taken. This
has been added, and the label_ set to the given provider name so each
instance can be identified.
The id will not be set of the passed object has no internal field count.
As the class pointer cannot be retrieved from the object.
In order to properly report the allocated size of each class, the new
pure virtual method self_size() has been introduces.
PR-URL: https://github.com/nodejs/io.js/pull/1896
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
The accessors run inside an implicit HandleScope, there is no need to
create a new one.
PR-URL: https://github.com/nodejs/io.js/pull/2001
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
Notable Changes:
* libuv: Upgraded to 1.6.0 and 1.6.1, see full ChangeLog for details.
(Saúl Ibarra Corretgé) #1905#1889. Highlights include:
- Fix TTY becoming blocked on OS X
- Fix UDP send callbacks to not to be synchronous
- Add uv_os_homedir() (exposed as os.homedir(), see below)
* npm: See full release notes for details. (Kat Marchán) #1899. Highlight:
- Use GIT_SSH_COMMAND (available as of Git 2.3)
* openssl:
- Upgrade to 1.0.2b and 1.0.2c, introduces DHE man-in-the-middle protection
(Logjam) and fixes malformed ECParameters causing infinite loop
(CVE-2015-1788). See the security advisory for full details.
(Shigeki Ohtsu) #1950#1958
- Support FIPS mode of OpenSSL, see README for instructions.
(Fedor Indutny) #1890
* os: Add os.homedir() method. (Colin Ihrig) #1791
* smalloc: Deprecate whole module. (Vladimir Kurchatkin) #1822
* Add new collaborators:
- Alex Kocharin (@rlidwka)
- Christopher Monsanto (@monsanto)
- Ali Ijaz Sheikh (@ofrobots)
- Oleg Elifantiev (@Olegas)
- Domenic Denicola (@domenic)
- Rich Trott (@Trott)
Support building and running with FIPS-compliant OpenSSL. The process is
following:
1. Download and verify `openssl-fips-x.x.x.tar.gz` from
https://www.openssl.org/source/
2. Extract source to `openssl-fips` folder
3. ``cd openssl-fips && ./config fipscanisterbuild --prefix=`pwd`/out``
(NOTE: On OS X, you may want to run
``./Configure darwin64-x86_64-cc --prefix=`pwd`/out`` if you are going to
build x64-mode io.js)
4. `make -j && make install`
5. Get into io.js checkout folder
6. `./configure --openssl-fips=/path/to/openssl-fips/out`
7. Build io.js with `make -j`
8. Verify with `node -p "process.versions.openssl"` (`1.0.2a-fips`)
Fix: https://github.com/joyent/node/issues/25463
PR-URL: https://github.com/nodejs/io.js/pull/1890
Reviewed-By: Rod Vagg <rod@vagg.org>
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>
1. Change "Bad arguments" error messages to a more helpful message
"options should either be an object or a string".
2. Make braces consistent.
3. Return meaningful error message from fs_event_wrap's
FSEvent's Start function.
PR-URL: https://github.com/nodejs/io.js/pull/1870
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
os.homedir() calls libuv's uv_os_homedir() to retrieve the current
user's home directory.
PR-URL: https://github.com/nodejs/io.js/pull/1791
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Rod Vagg <rod@vagg.org>
Exporting it seems like an oversight. It's not safe to call once
V8 is running so there doesn't seem to be a point in exporting it
to add-ons. Un-export it.
PR-URL: https://github.com/nodejs/io.js/pull/1815
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Update the list of root certificates in src/node_root_certs.h with
tools/mk-ca-bundle.pl.
PR-URL: https://github.com/nodejs/io.js/pull/1833
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>
Domenic Denicola
Trevor Norris
cjihrig
Ben Noordhuis
Jeremiah Senkpiel
Fedor Indutny
Bradley Meck
Rod Vagg
Shigeki Ohtsu
Chris Dickinson
Vladimir Kurchatkin
Sakthipriyan Vairamani
Brian White