This makes sure that no uninitialized bytes are leaked when the specified
`totalLength` input value is greater than the actual total length of the
specified buffers array, e.g. in Buffer.concat([Buffer.alloc(0)], 100).
PR-URL: https://github.com/nodejs/node-private/pull/67
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Rod Vagg <rod@vagg.org>
Incorporates changes from commit e345253 ("tls: better error reporting
at cert validation") to test/simple/test-tls-check-server-identity.js
to make back-porting the patch easier.
CVE-2016-7099
PR-URL: https://github.com/nodejs/node-private/pull/62
Reviewed-By: Rod Vagg <rod@vagg.org>
Previously, the reason argument passed to ServerResponse#writeHead was
not being properly validated. One could pass CRLFs which could lead to
http response splitting. This commit changes the behavior to throw an
error in the event any invalid characters are included in the reason.
CVE-2016-5325
PR-URL: https://github.com/nodejs/node-private/pull/48
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: Rod Vagg <rod@vagg.org>
DES-CBC-SHA is LOW cipher and disabled by default and it is used in
tests of hornorcipherorder. They are changed as to
- use RC4-SHA instead of DES-CBC-SHA.
- add AES128-SHA to entries to keep the number of ciphers.
- remove tests for non-default cipher because only SEED and IDEA are
available in !RC4:!HIGH:ALL.
Fixes: https://github.com/nodejs/LTS/issues/85
PR-URL: https://github.com/nodejs/node/pull/5712
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Set the Connection header to 'close' to work around a v0.10 quirk.
Prevents the test from timing out due to a still open TCP connection.
Test introduced in 1e45a61 ("deps: update http-parser to version 1.2").
PR-URL: https://github.com/nodejs/node/pull/5511
Reviewed-By: James M Snell <jasnell@gmail.com>
Fixes http-parser regression with IS_HEADER_CHAR check
Add test case for obstext characters (> 0x80) in header
PR-URL: https://github.com/nodejs/node/pull/5242
Reviewed-By: Rod Vagg <rod@vagg.org>
Fix node exiting due to an exception being thrown rather than emitting
an 'uncaughtException' event on the process object when:
1. no error handler is set on the domain within which an error is thrown
2. an 'uncaughtException' event listener is set on the process
Also fix an issue where the process would not abort in the proper
function call if an error is thrown within a domain with no error
handler and --abort-on-uncaught-exception is used.
Fixes#3607 and #3653.
PR: #3887
PR-URL: https://github.com/nodejs/node/pull/3887
Reviewed-By: James M Snell <jasnell@gmail.com>
This test failed in a recent Jenkins run for a change that was 100%
not related to it.
PR-URL: https://github.com/joyent/node/pull/25807
Reviewed-By: James M Snell <jasnell@gmail.com>
It seems that test-net-error-twice.js does not behave as expected. Its
goal is to test fireErrorCallbacks, but it doesn't do it correctly,
leading to false negatives on some platforms and failures on others.
This change marks this test as flaky so that we can use our CI to land
changes in the v0.10 branch until we can fix it properly.
See the corresponding issue at
https://github.com/joyent/node/issues/9325 for more details.
PR: #25760
PR-URL: https://github.com/joyent/node/pull/25760
Reviewed-By: João Reis <reis@janeasystems.com>
Before this change, test/simple/test-abort-fatal-error.js would fail in
some environments for reasons I wasn't able to fully understand. It was
marked as flaky on some systems, but not on others on which it was
failing sometimes (OSX).
This change basically syncs test-abort-fatal-error with how it's
implemented in v0.12. It back ports 429b5870 (or rather the parts that
apply to it since it's a merge commit), 2f5e77f and 114bff4.
After backporting these changes in v0.10, test-abort-fatal-error is not
flaky anymore in environments for which it was flaky. It also has the
added benefit of being more robust because it checks exit codes and
signals instead of error messages.
Tested on OSX and SmartOS, the only platforms on which I could reproduce
the flakiness of this test.
This change also removes test-abort-fatal-error from the list of flaky
tests in test/simple/simple.status.
Fixes#25720.
PR: #25755
PR-URL: https://github.com/joyent/node/pull/25755
Reviewed-By: João Reis <reis@janeasystems.com>
This reverts commit 67d9a56251.
This commit actually reverts both
67d9a56251 and
02a549ed2b (both related to ciphers list
changes). It does it in one commit because reverting
02a549ed2b results in an empty commit.
These changes are not yet ready to be released, and before they are we
want to be able to publish new releases. We're reverting them so that we
can submit a new PR that will contain all these changes plus what's
necessary to be able to land them properly.
Conflicts:
src/node.cc
PR: #25511
PR-URL: https://github.com/joyent/node/pull/25511
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>
When a timer is added in another timer's callback, its underlying timer
handle will be started with a timeout that is actually incorrect.
The reason is that the value that represents the current time is not
updated between the time the original callback is called and the time
the added timer is processed by timers.listOnTimeout. That leads the
logic in timers.listOnTimeout to do an incorrect computation that makes
the added timer fire with a timeout of scheduledTimeout +
timeSpentInCallback.
This change fixes that and make timers scheduled within other timers'
callbacks fire as expected.
Fixes#9333 and #15447.
PR: #17203
PR-URL: https://github.com/joyent/node/pull/17203
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Disable RC4 in the default cipher list
Add the `--cipher-list` command line switch and `NODE_CIPHER_LIST`
environment variable to completely override the default cipher list.
Add the `--enable-legacy-cipher-list` and `NODE_LEGACY_CIPHER_LIST`
environment variable to selectively enable the default cipher list from
previous node.js releases.
Reviewed-By: James M Snell <jasnell@gmail.com>
PR-URL: https://github.com/joyent/node/pull/14413
caeb67735b introduced a regression where
the domains stack would not be cleared after an error had been handled
by the top-level domain.
This change clears the domains stack regardless of the position of the
active domain in the stack.
PR: #9364
PR-URL: https://github.com/joyent/node/pull/9364
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
Reviewed-By: Julien Gilli <julien.gilli@joyent.com>
This reverts commit ad0684807c.
Initially, this bug fix targeted master, and I pushed to have it
included in v0.10. In retrospect, I'm not sure it should have made into
v0.10 as it seems it could break a lot of existing working code.
In my opinion, this change is still a bug fix, and it is not backward
incompatible per se. However, I'm not sure that taking the risk to break
a lot of users with a new 0.10.x release that would include this fix is
reasonable, especially now that 0.10.x releases are entering
maintenance mode.
PR-URL: https://github.com/joyent/node/pull/9257
Reviewed-by: Trevor Norris <trev.norris@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
This is a backport of 6c3647c38d from
v0.12 to v0.10.
Console.prototype.timeEnd() returns NaN if the timer label
corresponds to a property on Object.prototype. In v0.12, this was fixed
by using Object.create(null) to construct the _times object
However, the version of V8 in the v0.10 branch makes this fix not work
as expected. In v0.10, this commit changes the _times object into a
array of objects of the form:
{ label: someLabel, time: staringWallClockTime }
someLabel can thus be any string, including any string that represents
any Object.prototype field.
Fixes#9116.
PR: #9215
PR-URL: https://github.com/joyent/node/pull/9215
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Backport 10703774f0 from the v0.12 branch.
Currently, the test-child-process-spawn-typeerror.js is
calling execFile() on a JavaScript source file, which is
causing failures on Windows. This commit switches to calling
spawn() on an actual executable.
Fixes#8930.
Signed-off-by: Julien Gilli <julien.gilli@joyent.com>
Commit 934bfe23a1 had introduced a
regression where node would crash trying to access a null unref timer if
a given unref timer's callback would remove other unref timers set to
fire in the future.
More generally, it makes the unrefTimeout function more solid by not
mutating the unrefList while traversing it.
Fixes#8897.
Reviewed-By: Timothy J Fontaine <tjfontaine@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
This change fixes a regression introduced by commit
0d051238be, which contained a typo that
would cause every unrefd interval to fire only once.
Fixes#8900.
Reviewed-By: Timothy J Fontaine <tjfontaine@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-by: Trevor Norris <trev.norris@gmail.com>
A block of asserts were duplicated in
test/simple/test-child-process-spawn-typeerror.js. This commit
removes the duplicated asserts.
Fixes: https://github.com/joyent/node/pull/8454
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Before this change, _unrefActive would keep the unrefList sorted when
adding a new timer.
Because _unrefActive is called extremely frequently, this linear scan
(O(n) at worse) would make _unrefActive show high in the list of
contributors when profiling CPU usage.
This commit changes _unrefActive so that it doesn't try to keep the
unrefList sorted. The insertion thus happens in constant time.
However, when a timer expires, unrefTimeout has to go through the whole
unrefList because it's not ordered anymore.
It is usually not large enough to have a significant impact on
performance because:
- Most of the time, the timers will be removed before unrefTimeout is
called because their users (sockets mainly) cancel them when an I/O
operation takes place.
- If they're not, it means that some I/O took a long time to happen, and
the initiator of subsequents I/O operations that would add more timers
has to wait for them to complete.
With this change, _unrefActive does not show as a significant
contributor in CPU profiling reports anymore.
Fixes#8160.
PR-URL: #8751
Signed-off-by: Timothy J Fontaine <tjfontaine@gmail.com>
Do not abort the process if an error is thrown from within a domain, an
error handler is setup for the domain and --abort-on-uncaught-exception
was passed on the command line.
However, if an error is thrown from within the top-level domain's error
handler and --abort-on-uncaught-exception was passed on the command
line, make the process abort.
Fixes: https://github.com/joyent/node/issues/8631
Fixes: https://github.com/joyent/node/issues/8630
PR-URL: https://github.com/joyent/node/pull/8666
Reviewed-by: Trevor Norris <trev.norris@gmail.com>
Optional fork args should be type-checked with same behaviour as the
equivalent argument to spawn.
PR-URL: https://github.com/joyent/node/pull/8454
Reviewed-by: Trevor Norris <trev.norris@gmail.com>
execFile and spawn have same API signature with respect to optional arg
array and optional options object, they should have same behaviour with
respect to argument validation.
PR-URL: https://github.com/joyent/node/pull/8454
Reviewed-by: Trevor Norris <trev.norris@gmail.com>
The test wasn't checking directly that an assertion was thrown. Instead,
it was checking that spawn did not sucessfully spawn a non-existent
command.
However, the command chosen, dir, exists in GNU coreutils, so it exists
on Linux (though not on BSD derived OS X). The test as written passed on
Linux, even with the TypeError it is supposed to be checking for deleted
from spawn(). It would also pass on Windows if a ls.exe existed.
The approach is unnecessarily obscure, assert.throw() is for asserting
code throws, using it is more clear and works regardless of what
commands do or do not exist.
PR-URL: https://github.com/joyent/node/pull/8454
Reviewed-by: Trevor Norris <trev.norris@gmail.com>
Add a test that goes through the whole matrix of:
- command line options (--enable-ssl*)
- secureOptions
- secureProtocols
and makes sure that compatible test setups actually work as expected.
The test works by spawning two processes for each test case: one client
and one server. The test passes if a SSL/TLS connection from the client
to the server is successful and the test case was supposed to pass, or
if the connection couldn't be established and the test case was supposed
to fail.
The test is currently located in the directory 'test/external' because
it has external dependencies.
In the case of a pipe'd input, i.e. from the CI the fd will be a PIPE
and when listen() is called it will return ENOTSOCK instead of EINVAL.
Backport: cd2d3aedaa
The order of the callbacks is non-deterministic, so don't expect the
error messages to come back in the same order every time, instead just
verify they are expected messages.
This change disables SSLv2/SSLv3 use by default, and introduces a
command line flag to opt into using SSLv2/SSLv3.
SSLv2 and SSLv3 are considered unsafe, and should only be used in
situations where compatibility with other components is required and
they cannot be upgrade to support newer forms of TLS.
Because of constant-timeness change made in openssl-1.0.1j the error is
no longer returned from EVP_DecryptFinal_ex. Now it just return 0, and
thus the error message does not contain proper error code. Adapt to this
change, there is not much that we could do about it.
Currently, a TypeError is incorrectly thrown if the second argument is
an object. This commit allows the args argument to be properly omitted.
Fixes: https://github.com/joyent/node/issues/6068
Reviewed-by: Trevor Norris <trev.norris@gmail.com>
When replying to a HEAD request, do not attempt to send the trailers and
EOF sequence (`0\r\n\r\n`). The HEAD request MUST not have body.
Quote from RFC:
The presence of a message body in a response depends on both the
request method to which it is responding and the response status code
(Section 3.1.2). Responses to the HEAD request method (Section 4.3.2
of [RFC7231]) never include a message body because the associated
response header fields (e.g., Transfer-Encoding, Content-Length,
etc.), if present, indicate only what their values would have been if
the request method had been GET (Section 4.3.1 of [RFC7231]).
fix#8361
Reviewed-By: Timothy J Fontaine <tjfontaine@gmail.com>
This adds domains coverage for pdbkdf2, pseudoRandomBytes, and randomBytes.
All others should be covered by event emitters.
Fixes#5801.
Reviewed-By: Timothy J Fontaine <tjfontaine@gmail.com>
PR #8034 came with a test to make sure that timers expiry is based on
monotonic time and not on wall-clock time. However, a bug in the
implementation broke timers with non-integer delays. A fix for this
issue was provided with PR #8073, but it didn't come with a test.
Because #8073 fixed a subtle issue that could reappear in the future,
and because the impact of such an issue would be significant, I suggest
adding this test.
The test would timeout after 1 minute if the issue was reproduced.
Otherwise it will run very quickly.
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Documentation states that `querystring.unescape` may be overridden to
replace unescaper during parsing. However, the function was only
being used as a fallback for when the native decoder throws (on a
malformed URL). This patch moves the call to the native function and
the try/catch around it into querystring.unescape then has the parser
always invoke it, so that an override will always be used.
Fixes#4055
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Сковорода Никита Андреевич
Ben Noordhuis
Evan Lucas
Shigeki Ohtsu
James M Snell
Julien Gilli
skenqbx
Alexis Campailla
Timothy J Fontaine
Jonas Dohse
Amir Saboury
Fedor Indutny
cjihrig
Chris Dickinson
Sam Roberts
Tristan Berger