jiangcuo/node
1
0
Fork 0
mirror of https://github.com/nodejs/node.git synced 2025-05-08 20:39:30 +00:00
Code Issues Actions 12 Packages Projects Releases Wiki Activity
26,094 Commits 67 Branches 878 Tags 2.1 GiB
31147c4704
Commit Graph

6 Commits

Author SHA1 Message Date
Anna Henningsen
31147c4704
buffer: do not affect memory after target for utf16 write 
Do not write one character too much before shifting the whole result
to the left when using UTF16-LE, possibly overwriting already-used
memory while doing so.

Fixes: https://github.com/nodejs/node/issues/26422

PR-URL: https://github.com/nodejs/node/pull/26432
Fixes: https://github.com/nodejs/node/issues/26422
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Minwoo Jung <minwoo@nodesource.com>
 2019-03-07 00:40:21 +01:00
Rod Vagg
88105c998e buffer: avoid overrun on UCS-2 string write 
CVE-2018-12115
Discovered by ChALkeR - Сковорода Никита Андреевич
Fix by Anna Henningsen

Writing to the second-to-last byte with UCS-2 encoding will cause a -1
length to be send to String::Write(), writing all of the provided Buffer
from that point and beyond.

Fixes: https://github.com/nodejs-private/security/issues/203
PR-URL: https://github.com/nodejs-private/node-private/pull/138
 2018-08-16 19:14:15 +10:00
starkwang
dbfe8c4ea2
errors,buffer: port errors to internal/errors 
PR-URL: https://github.com/nodejs/node/pull/13976
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
 2017-07-12 17:00:30 -04:00
Nataly Shrits
20b00f3a36 test: replace indexOf with includes and startsWith 
PR-URL: https://github.com/nodejs/node/pull/13852
Refs: https://github.com/nodejs/node/issues/12586
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: Vse Mozhet Byt <vsemozhetbyt@gmail.com>
 2017-07-02 23:36:39 +02:00
David Cai
a710e443a2
test: complete coverage of buffer 
PR-URL: https://github.com/nodejs/node/pull/12831
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Alexey Orlenko <eaglexrlnk@gmail.com>
Reviewed-By: Yuta Hiroto <hello@about-hiroppy.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
 2017-05-07 22:20:33 +02:00
David Cai
04796ee97f test: increase coverage of buffer 
Increase coverage of lib/buffer.js.

PR-URL: https://github.com/nodejs/node/pull/12714
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
 2017-05-03 10:35:56 +08:00