This is a partial backport of semver-patch bits of
9e4660b518.
This commit fixes the Node process crashing when constructors of classes
of the zlib module are given invalid options.
* Throw an Error when the zlib library rejects the value of windowBits,
instead of crashing with an assertion.
* Treat windowBits and memLevel options consistently with other ones and
don't crash when non-numeric values are given.
Backport-PR-URL: https://github.com/nodejs/node/pull/14860
PR-URL: https://github.com/nodejs/node/pull/13098
Fixes: https://github.com/nodejs/node/issues/13082
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
Functions that call `ECDH::BufferToPoint` were not clearing the
error stack on failure, so an invalid key could leave leftover
error state and cause subsequent (unrelated) signing operations
to fail.
PR-URL: https://github.com/nodejs/node/pull/13275
Backport-PR-URL: https://github.com/nodejs/node/pull/13399
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
This fixes a potential Buffer(num) call when the user passes a number
as the 'auth' property.
This now throws instead of allocating an unitialized memory Buffer and
sending that in the Authorization header.
Fixes: https://github.com/nodejs/security/issues/111
PR-URL: https://github.com/nodejs/node-private/pull/83
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
Currently test-tls-socket-close will fail if node
was built using --without-ssl. This commit adds a check to
verify is crypto support exists and if not skip this test.
PR-URL: https://github.com/nodejs/node/pull/11911
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Yuta Hiroto <hello@about-hiroppy.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: James M Snell <jasnell@gmail.com>
The TLSWrap constructor is passed a StreamBase* which it stores as
TLSWrap::stream_, and is used to receive/send data along the pipeline
(e.g. tls -> tcp). Problem is the lifetime of the instance that stream_
points to is independent of the lifetime of the TLSWrap instance. So
it's possible for stream_ to be delete'd while the TLSWrap instance is
still alive, allowing potential access to a then invalid pointer.
Fix by having the StreamBase destructor null out TLSWrap::stream_;
allowing all TLSWrap methods that rely on stream_ to do a check to see
if it's available.
While the test provided is fixed by this commit, it was also previously
fixed by 478fabf. Regardless, leave the test in for better testing.
PR-URL: https://github.com/nodejs/node/pull/11947
Reviewed-By: Franziska Hinkelmann <franziska.hinkelmann@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
TLSWrap object keeps a pointer reference to the underlying
TCPWrap object. This TCPWrap object could be closed and deleted
by the event-loop which leaves us with a dangling pointer.
So the TLSWrap object needs to track the "close" event on the
TCPWrap object.
PR-URL: https://github.com/nodejs/node/pull/11776
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Brian White <mscdex@mscdex.net>
Test executes with a copy of the node executable since $PREFIX/lib/node
is relative to the executable location.
PR-URL: https://github.com/nodejs/node/pull/9283
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com>
Reviewed-By: João Reis <reis@janeasystems.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Removes branch that would make TLSSocket emit '_tlsError' event if
error occured on handshake and control was not released, as it was
never happening. Added test for tls.Server to ensure it still emits
'tlsClientError' as expected.
Note that 'tlsClientError' does not exist in the v4.x branch so this
back-port emits 'clientError' instead. See also pull request #4557.
Fixes: https://github.com/nodejs/node/issues/8803
PR-URL: https://github.com/nodejs/node/pull/8805
Refs: https://github.com/nodejs/node/pull/4557
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Fedor Indutny <fedor@indutny.com>
`request.abort()` did not destroy the socket if it was called
before a socket was assigned to the request and the request
did not use an `Agent` or a Unix Domain Socket was used.
Fixes: https://github.com/nodejs/node/issues/10812
PR-URL: https://github.com/nodejs/node/pull/10818
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
test-child-process-spawnsync-timeout failed from time to time on
Raspberry Pi devices. Use common.platformTimeout() to allow a little
more time to run on resource-constrained hosts.
PR-URL: https://github.com/nodejs/node/pull/10998
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Santiago Gimeno <santiago.gimeno@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
In test-timers, confirm that all input values that should be coerced to
1 ms are not being coerced to a significantly larger value.
This eliminates the need for the separate test-regress-GH-897.
PR-URL: https://github.com/nodejs/node/pull/10960
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
* use common.mustCall to validate functions executions
* use common.fail to check test fail
* remove console.log
* use arrow functions
PR-URL: https://github.com/nodejs/node/pull/10845
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Test that an error is thrown when bind() is called on an already bound
socket.
PR-URL: https://github.com/nodejs/node/pull/10894
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Claudio Rodriguez <cjrodr@yahoo.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Italo A. Casas <me@italoacasas.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
* use common.mustCall to validate functions executions
* use common.fail to check test fail
* improve error validations
* remove unnecessary assertions
* use arrow functions
PR-URL: https://github.com/nodejs/node/pull/10813
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
* use common.mustCall to validate functions executions
* use common.fail to control error
* remove unnecessary variables
* remove unnecessary assertions
* remove console.log and console.error
* use arrow functions
PR-URL: https://github.com/nodejs/node/pull/10798
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
* use const instead of var
* use assert.strictEqual instead of assert.equal
* use common.mustCall instead of process.on( 'exit', fn )
PR-URL: https://github.com/nodejs/node/pull/10725
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Italo A. Casas <me@italoacasas.com>
* use common.fail to handle errors
* remove console.log
* use arrow functions
PR-URL: https://github.com/nodejs/node/pull/10830
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
The Hmac binding layer is not documented as part of the API, and is not
intended to be used, but it should be robust to misuse, and contains
defensive checks for misuse. This test checks that updates without init
throw (as opposed to abort or misbehave in some other way).
PR-URL: https://github.com/nodejs/node/pull/10923
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
If a test does http.listen(0) or net.listen(0),
http.listen(0).address().address returns '::'. Some machines will
resolve this to localhost, but not all. Every machine should have
localhost defined in /etc/hosts (or equivalent), so it should always
resolve.
Fixes: https://github.com/nodejs/node/issues/7291
Add RegExp to check assert throws the expected AssertionErrors.
For the one with multiple flags is ok to hardcode the flags since the
spec indicates the ordering will always be `gim`:
Refs: http://www.ecma-international.org/ecma-262/6.0/#sec-get-regexp.prototype.flags
PR-URL: https://github.com/nodejs/node/pull/10916
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Italo A. Casas <me@italoacasas.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Added test cases for error.
PR-URL: https://github.com/nodejs/node/pull/10940
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Don't do a write on stdout/stderr because that checks for their
writability. But fd=1 could legitimately be opened with read-only
access by the user. All this test needs to ensure is that
they are used at startup.
PR-URL: https://github.com/nodejs/node/pull/10339
Fixes: https://github.com/nodejs/node/issues/10234
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>
Add regular expression for error message validation to instances of
assert.throws() in test-assert.js.
PR-URL: https://github.com/nodejs/node/pull/10890
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/10832
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
* validate the errors for assert.throws
* use arrow functions
PR-URL: https://github.com/nodejs/node/pull/10714
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
This commit enables writev for Unix Domain Sockets on supported
platforms thus enabling cork/uncork functionality for them and
improving IPC performance.
Fixes: https://github.com/nodejs/node/issues/5095
PR-URL: https://github.com/nodejs/node/pull/10677
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
* change the nested functions call to run tests in parallel
* use const and let instead of var
* use common.mustCall to control functions execution
* use assert.strictEqual instead of assert.equal
* use arrow functions
PR-URL: https://github.com/nodejs/node/pull/10462
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Italo A. Casas <me@italoacasas.com>
Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
Reviewed-By: Prince John Wesley <princejohnwesley@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
* use const instead of var
* use assert.strictEqual instead of assert.equal
* use arrow functions
PR-URL: https://github.com/nodejs/node/pull/10570
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Italo A. Casas <me@italoacasas.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/11061
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/11140
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Italo A. Casas <me@italoacasas.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
When emitting a 'connection' event on a httpServer, the function
connectionListener is called. Then, a new parser is created, and
'consume' method is called on the socket's externalStream. However,
if this stream was already consumed and unconsumed, the process
crashes with a cpp assert from the 'Consume' method in stream_base.h.
This commit makes sure that no SIGABRT will be raised and the process
will stay alive (after emitting the socket).
PR-URL: https://github.com/nodejs/node/pull/11015
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Expand error message checking to include the entire error string in
test-dgram-membership.
PR-URL: https://github.com/nodejs/node/pull/11187
Reviewed-By: Yuta Hiroto <hello@about-hiroppy.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Add two, admittedly contrived, examples that test
edge cases of the vm module.
They demonstrate that the if statements `if (maybe_rv.IsEmpty())` and
`if (maybe_prop_attr.IsNothing())` in the GetterCallback
and the QueryCallback are observable.
Both GetterCallback and QueryCallback
explicitly check the global_proxy() if a property is
not found on the sandbox. In these tests, the explicit check
inside the callback yields different results than deferring the
check until after the callback. The check is deferred, if the
callbacks do not intercept, i.e., if args.GetReturnValue().Set() is
not called.
PR-URL: https://github.com/nodejs/node/pull/11265
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Adds two additional tests for mapDomain function in punycode.js.
When an email address is given to the toASCII() and toUnicode()
functions, only the parts before the '@' character should be
encoded/decoded.
PR-URL: https://github.com/nodejs/node/pull/11144
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
This commit adds code coverage to _createSocketHandle(), which
the cluster module uses to create dgram sockets.
PR-URL: https://github.com/nodejs/node/pull/11291
Reviewed-By: James M Snell <jasnell@gmail.com>
* call Certificate function directly
* check exception when sign option is undefined
PR-URL: https://github.com/nodejs/node/pull/11280
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Santiago Gimeno <santiago.gimeno@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
test-net-connect-local-error can fail with messages that report
`AssertionError: undefined === 12346`. Unfortunately, this doesn't
provide sufficient information to identify what went wrong with the
test. Increase information provided.
PR-URL: https://github.com/nodejs/node/pull/11393
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Alexey Orlenko
Ryan Kelly
Сковорода Никита Андреевич
Rich Trott
Nikolai Vavilov
Daniel Bevenius
Bartosz Sosnowski
Ben Noordhuis
Trevor Norris
jBarz
Richard Lau
Mariusz 'koder' Chwalba
Luigi Pinca
cjihrig
abouthiroppy
Vinícius do Carmo
Adrian Estrada
stefan judis
Sam Roberts
Gibson Fahnestock
richnologies
Travis Meisenheimer
Mark
Junshu Okamoto
Marlena Compton
Gonen Dukas
matsuda-koushi
Shigeki Ohtsu
Roee Kasher
Franziska Hinkelmann
Sebastian Van Sande
Akito Ito