v8::Object::GetAlignedPointerFromInternalField() returns a random value
if Wrap() hasn't been run on the object handle. Causing v8 to abort if
certain getters are accessed. It's possible to access these getters and
functions during class construction through the AsyncWrap init()
callback, and also possible in a subset of those scenarios while running
the persistent handle visitor.
Mitigate this issue by manually setting the internal aligned pointer
field to nullptr in the BaseObject constructor and add necessary logic
to return appropriate values when nullptr is encountered.
PR-URL: https://github.com/nodejs/node/pull/6184
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
First cast the pointer to the child Base class before casting to the
parent class to make sure it returns the correct pointer.
PR-URL: https://github.com/nodejs/node/pull/6184
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Though the TLSWrap constructor is only called via TLSWrap::Wrap() (i.e.
tls_wrap.wrap()) internally, it is still exposed to JS. Don't allow the
application to abort by inspecting the instance before it has been
wrap'd by another handle.
PR-URL: https://github.com/nodejs/node/pull/6184
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
In case the handle is stored and accessed after the associated C++ class
was destructed, set the internal pointer to nullptr so any
getters/setters can return accordingly without aborting the application.
PR-URL: https://github.com/nodejs/node/pull/6184
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
To make sure casting a class of multiple inheritance from a void* to
AsyncWrap succeeds make AsyncWrap the first inherited class.
PR-URL: https://github.com/nodejs/node/pull/6184
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Node already has support for base64 encoding and decoding that is not
visible outside the string_bytes.cc file. Our work on providing a
support for the Chrome inspector protocol
(https://github.com/nodejs/node/pull/6792) requires base64 encoding
support. Rather then introducing a second copy of the base64 encoder,
we suggest moving this code into a separate header.
PR-URL: https://github.com/nodejs/node/pull/6910
Reviewed-By: bnoordhuis - Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: indutny - Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: ofrobots - Ali Ijaz Sheikh <ofrobots@google.com>
Since debugger::Agent's interface is not exported, third party embedders
will have linking errors if they call Environment's destructor directly.
PR-URL: https://github.com/nodejs/node/pull/3098
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
On OSX it's possible that the fd is replaced, so use the proper libuv
API to get the correct fd.
PR-URL: https://github.com/nodejs/node/pull/6753
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
In 5d38d543cd, an additional property in node_config.cc was added
whose definition depends on having the local `env` variable declared,
which in turn depended on `NODE_HAVE_I18N_SUPPORT` being defined.
Moving `env = ...` out of the `#ifdef` block allows building via
`./configure --without-intl` again.
PR-URL: https://github.com/nodejs/node/pull/6820
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Myles Borins <myles.borins@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
The require('constants') module is currently undocumented and mashes
together unrelated constants. This refactors the require('constants')
in favor of distinct os.constants, fs.constants, and crypto.constants
that are specific to the modules for which they are relevant. The
next step is to document those within the specific modules.
PR-URL: https://github.com/nodejs/node/pull/6534
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Robert Lindstaedt <robert.lindstaedt@gmail.com>
Add the `--preserve-symlinks` flag. This makes the changes added
in #5950 conditional. By default the old behavior is used. With
the flag set, symlinks are preserved, switching to the new
behavior. This should be considered to be a temporary solution
until we figure out how to solve the symlinked peer dependency
problem in a more general way that does not break everything
else.
Additional test cases are included.
PR-URL: https://github.com/nodejs/node/pull/6537
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Calling v8::Debug::DebugBreak() directly from the signal handler is
unsafe because said function tries to grab a mutex. Work around that
by starting a watchdog thread that is woken up from the signal handler,
which then calls v8::Debug::DebugBreak().
Using a watchdog thread also removes the need to use atomic operations
so this commit does away with that.
Fixes: https://github.com/nodejs/node/issues/5368
PR-URL: https://github.com/nodejs/node/pull/5904
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Minor cleanup of how --debug-brk works:
* We no longer need to use command line flags to expose the debug
object.
* Do not depend on the existence of global.v8debug as a mechanism to
determine if --debug-brk was specified.
* We no longer need to set a dummy listener with --debug-brk.
PR-URL: https://github.com/nodejs/node/pull/6599
Reviewed-By: bnoordhuis - Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: cjihrig - Colin Ihrig <cjihrig@gmail.com>
strcasecmp() is affected by the current locale as configured through
e.g. the LC_ALL environment variable and the setlocale() libc function.
It can result in unpredictable results across systems so replace it with
a function that isn't susceptible to that.
PR-URL: https://github.com/nodejs/node/pull/6582
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
strcasecmp() is not used in src/node_http_parser.cc so there is no need
to include its header file.
PR-URL: https://github.com/nodejs/node/pull/6582
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
SSL_CIPHER and SSL_METHOD are always const with the version of openssl
that we support, no need to check OPENSSL_VERSION_NUMBER first.
PR-URL: https://github.com/nodejs/node/pull/6582
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
SSL compression was first disabled at runtime in March 2011 in commit
e83c6959 ("Disable compression with OpenSSL.") for performance reasons
and was later shown to be vulnerable to information leakage (CRIME.)
Let's stop compiling it in altogether.
This commit removes a broken CHECK from src/node_crypto.cc; broken
because sk_SSL_COMP_num() returns -1 for a NULL stack, not 0. As a
result, node.js would abort when linked to an OPENSSL_NO_COMP build
of openssl.
PR-URL: https://github.com/nodejs/node/pull/6582
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Fix `buffer.lastIndexOf()` for the case that the first character
of the needle is contained in the haystack, but in a location that
makes it impossible to be part of a full match.
For example, when searching for 'abc' in 'abcdef', only the 'cdef'
part needs to be searched for 'c', because earlier locations can
be excluded by index calculations alone.
Previously, such a search would result in an assertion failure.
This applies only to Node.js v6, as `lastIndexOf` was added in it.
PR-URL: https://github.com/nodejs/node/pull/6511
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
Return -1 in `Buffer.lastIndexOf` if the needle is longer than the
haystack. The previous check only tested the corresponding
condition for forward searches.
This applies only to Node.js v6, as `lastIndexOf` was added in it.
Fixes: https://github.com/nodejs/node/issues/6510
PR-URL: https://github.com/nodejs/node/pull/6511
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
Fix `buffer.indexOf` for the case that the haystack has odd length
and the needle is not found in it. `StringSearch()` would return
the length of the buffer in multiples of `sizeof(uint16_t)`, but
checking that against `haystack_length` would not work if the latter
one was odd.
PR-URL: https://github.com/nodejs/node/pull/6511
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
Use `StringBytes::Size` to determine the needle string length
instead of assuming latin-1 or UTF-8.
Previously, `Buffer.indexOf` could fail with an assertion failure
when the needle's byte length, but not its character count,
exceeded the haystack's byte length.
PR-URL: https://github.com/nodejs/node/pull/6511
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
In certain conditions, inspecting a Proxy object can lead to a
max call stack error. Avoid that by detecting the Proxy object
and outputting information about the Proxy object itself.
Fixes: https://github.com/nodejs/node/issues/6464
PR-URL: https://github.com/nodejs/node/pull/6465
Reviewed-By: Myles Borins <myles.borins@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Add process.cpuUsage() method that returns the user and system
CPU time usage of the current process
PR-URL: https://github.com/nodejs/node/pull/6157
Reviewed-By: Robert Lindstaedt <robert.lindstaedt@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
Reviewed-By: Santiago Gimeno <santiago.gimeno@gmail.com>
Unify the common code of `Utf8Value`, `TwoByteValue`, `BufferValue`
and `StringBytes::InlineDecoder` into one class. Always make the
result zero-terminated for the first three.
This fixes two problems in passing:
* When the conversion of the input value to String fails,
make the buffer zero-terminated anyway. Previously, this would
have resulted in possibly reading uninitialized data in multiple
places in the code. An instance of that problem can be reproduced
by running e.g.
`valgrind node -e 'net.isIP({ toString() { throw Error() } })'`.
* Previously, `BufferValue` copied one byte too much from the source,
possibly resulting in an out-of-bounds memory access.
This can be reproduced by running e.g.
`valgrind node -e \
'fs.openSync(Buffer.from("node".repeat(8192)), "r")'`.
Further minor changes:
* This lifts the `out()` method of `StringBytes::InlineDecoder`
to the common class so that it can be used when using the
overloaded `operator*` does not seem appropiate.
* Hopefully clearer variable names.
* Add checks to make sure the length of the data does not exceed
the allocated storage size, including the possible null terminator.
PR-URL: https://github.com/nodejs/node/pull/6357
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
This also updates the tests to expect that a closed handle has no
reference count.
PR-URL: https://github.com/nodejs/node/pull/6395
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Don't implement an additional reference counting scheme on top of libuv.
Libuv is the canonical source for that information so use it directly.
PR-URL: https://github.com/nodejs/node/pull/6395
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
The OpenSSL configuration file allows custom crypto engines but those
directives will not be respected if the config file is loaded after
initializing all crypto subsystems. This patch reads the configuration
file first.
PR-URL: https://github.com/nodejs/node/pull/6374
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
This fixes my perceived usability issues with 7d8882b. Which, at the
time of writing, has not landed in any release except v6 RCs. This
should not be considered a breaking change due to that.
It is useful if you have a handle, even if it has been closed, to be
able to inspect whether that handle was unrefed or not. As such, this
renames the method accordingly. If people need to check a handle's
aliveness, that is a separate API we should consider exposing.
Refs: https://github.com/nodejs/node/pull/5834
PR-URL: https://github.com/nodejs/node/pull/6204
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
* Remove unnecessary templating from SearchString
SearchString used to have separate PatternChar and SubjectChar template type
arguments, apparently to support things like searching for an 8-bit string
inside a 16-bit string or vice versa. However, SearchString is only used from
node_buffer.cc, where PatternChar and SubjectChar are always the same. Since
this is extra complexity that's unused and untested (simplifying to a single
Char template argument still compiles and didn't break any unit tests), I
removed it.
* Use Boyer-Hoore[-Horspool] for both indexOf and lastIndexOf
Add test cases for lastIndexOf. Test the fallback from BMH to
Boyer-Moore, which looks like it was totally untested before.
* Extra bounds checks in node_buffer.cc
* Extra asserts in string_search.h
* Buffer.lastIndexOf: clean up, enforce consistency w/ String.lastIndexOf
* Polyfill memrchr(3) for non-GNU systems
PR-URL: https://github.com/nodejs/node/pull/4846
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
This patch fixes all the linter errors.
PR-URL: https://github.com/nodejs/node/pull/6105
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Silence the following compiler warning when building without ICU:
../src/node_config.cc:32:16: warning: unused variable 'env'
[-Wunused-variable]
Environment* env = Environment::GetCurrent(context);
PR-URL: https://github.com/nodejs/node/pull/6351
Reviewed-By: James M Snell <jasnell@gmail.com>
Plan 2 bytes instead of 1 byte for the final zero terminator
for UTF-16. This is unlikely to cause real-world problems,
but that ultimately depends on the `malloc` implementation.
The issue can be uncovered by running e.g.
`valgrind node -e "Buffer(65536).fill('a'.repeat(4096), 'utf16le')"`
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
PR-URL: https://github.com/nodejs/node/pull/6330
It turns out that userland likes to override process.config with
their own stuff. If we want to be able to depend on it in any way,
we need our own internal mechanism.
This adds a new private process.binding('config') that is
intended to serve as a container for internal flags and compile
time configs that need to be passed on to the JS layer.
PR-URL: https://github.com/nodejs/node/pull/6266
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
* doc: rename .markdown references in content
* doc: rename to .md in tools
* doc: rename to .md in CONTRIBUTING.md
PR-URL: https://github.com/nodejs/node/pull/4747
Reviewed-By: Myles Borins <myles.borins@gmail.com>
Reviewed-By: techjeffharris
Reviewed-By: Johan Bergström <bugs@bergstroem.nu>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Add `CHECK_NE(·, nullptr)` after allocations made when
spawning child processes.
PR-URL: https://github.com/nodejs/node/pull/6256
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
When handling a response to `CONNECT` request - skip message body
and do not attempt to parse the next message. `CONNECT` requests are
used in similar sense to HTTP Upgrade.
Fix: https://github.com/nodejs/node/pull/6198
PR-URL: https://github.com/nodejs/node/pull/6279
Reviewed-By: Brian White <mscdex@mscdex.net>
Reviewed-By: James M Snell <jasnell@gmail.com>
This commit safely allows event names that are named the same as
properties that are ordinarily inherited from Object.prototype such
as __proto__.
Fixes: https://github.com/nodejs/node/issues/728
PR-URL: https://github.com/nodejs/node/pull/6092
Reviewed-By: Evan Lucas <evanlucas@me.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
calling digest or update on a hash object after digest has been called
now gives a topical error message instead of an error message saying that the
hash failed to initialize.
PR-URL: https://github.com/nodejs/node/pull/6042
Reviewed-By: Brian White <mscdex@mscdex.net>
Reviewed-By: James M Snell <jasnell@gmail.com>
Trevor Norris
Anna Henningsen
Eugene Ostroukhov
Saúl Ibarra Corretgé
Cheng Zhao
James M Snell
Jeremiah Senkpiel
Ben Noordhuis
Ali Ijaz Sheikh
Steven R. Loomis
Rich Trott
Patrick Mueller
Stefan Budeanu
dcposch@dcpos.ch
Sakthipriyan Vairamani
Robert Jefe Lindstaedt
Fedor Indutny
Brian White
Calvin Metcalf