v8: fix offsets for TypedArray deserialization

Fix the offset calculation for deserializing TypedArrays that are not aligned in their original buffer. Since `byteOffset` refers to the offset into the source `Buffer` instance, not its underlying `ArrayBuffer`, that is what should be passed to `buffer.copy`. PR-URL: #12143 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: James M Snell <jasnell@gmail.com>
nodejs · Apr 3, 2017 · 33a19b4 · 33a19b4
1 parent 56e881d
commit 33a19b4
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 1 deletion.
diff --git a/lib/v8.js b/lib/v8.js
@@ -177,7 +177,8 @@ class DefaultDeserializer extends Deserializer {
     } else {
       // Copy to an aligned buffer first.
       const copy = Buffer.allocUnsafe(byteLength);
-      bufferBinding.copy(this.buffer, copy, 0, offset, offset + byteLength);
+      bufferBinding.copy(this.buffer, copy, 0,
+                         byteOffset, byteOffset + byteLength);
       return new ctor(copy.buffer,
                       copy.byteOffset,
                       byteLength / BYTES_PER_ELEMENT);

diff --git a/test/parallel/test-v8-serdes.js b/test/parallel/test-v8-serdes.js
@@ -118,3 +118,12 @@ const objects = [
   assert.deepStrictEqual(buf, ser.releaseBuffer());
   assert.strictEqual(des.getWireFormatVersion(), 0x0d);
 }
+
+{
+  // Unaligned Uint16Array read, with padding in the underlying array buffer.
+  let buf = Buffer.alloc(32 + 9);
+  buf.write('ff0d5c0404addeefbe', 32, 'hex');
+  buf = buf.slice(32);
+  assert.deepStrictEqual(v8.deserialize(buf),
+                         new Uint16Array([0xdead, 0xbeef]));
+}