Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

"zlib.createGunzip()._transform" results in an abort #37884

Open
zyscoder opened this issue Mar 24, 2021 · 4 comments
Open

"zlib.createGunzip()._transform" results in an abort #37884

zyscoder opened this issue Mar 24, 2021 · 4 comments
Labels
stream Issues and PRs related to the stream subsystem.

Comments

@zyscoder
Copy link

What steps will reproduce the bug?

Setup a node instance,

» node

and run the following javascript code.

zlib.createGunzip()._transform("")

Then an abort occurs.

How often does it reproduce? Is there a required condition?

This abort can always be triggered following the steps above.

What is the expected behavior?

If any error occurs, an exception or other similar error-reporting stuff should be thrown. There is no reason to abort the whole node process.

What do you see instead?

» node
Welcome to Node.js v14.15.1.
Type ".help" for more information.
> zlib.createGunzip()._transform("")
node[180922]: ../src/node_zlib.cc:316:static void node::{anonymous}::CompressionStream<CompressionContext>::Write(const v8::FunctionCallbackInfo<v8::Value>&) [with bool async = true; CompressionContext = node::{anonymous}::ZlibContext]: Assertion `Buffer::HasInstance(args[1])' failed.
 1: 0xa03530 node::Abort() [node]
 2: 0xa035ae  [node]
 3: 0xac2baa  [node]
 4: 0xbe369b  [node]
 5: 0xbe4c46  [node]
 6: 0xbe52c6 v8::internal::Builtin_HandleApiCall(int, unsigned long*, v8::internal::Isolate*) [node]
 7: 0x13ff259  [node]
[1]    180922 abort (core dumped)  node

Additional information
@addaleax
Copy link
Member

Generally speaking, you should not call the internals of Node.js API objects and expect good results. _transform is a method that you should not call from other code, as noted by the streams docs.

So while this is fixable, I don't think it's necessarily worth doing so.

@addaleax addaleax added the zlib Issues and PRs related to the zlib subsystem. label Mar 24, 2021
@zyscoder
Copy link
Author

I'm confused since the docs mentioned that application code must not invoke this kind of APIs, why not declare them as private fields (or something like that)? BTW, zlib.createGunzip()._write("") can also trigger this abort. I'm not sure If there any possibility of misusing between write and _write.

@addaleax
Copy link
Member

I'm confused since the docs mentioned that application code must not invoke this kind of APIs, why not declare them as private fields (or something like that)?

Because they are supposed to be called by the streams superclasses (and by them only). I think putting them behind e.g. a symbol would make sense, but I’m not sure if that isn’t too big of a change to streams these days.

@addaleax addaleax mentioned this issue Mar 27, 2021
Closed
@jasnell
Copy link
Member

jasnell commented Mar 27, 2021

I'd like to see these transition into symbols but, by definition the symbols would still need to be exposed so we can't prevent direct calls entirely. We should at least make sure direct calls don't abort and do throw proper errors, however.

@aduh95 aduh95 added stream Issues and PRs related to the stream subsystem. and removed zlib Issues and PRs related to the zlib subsystem. labels Apr 1, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
stream Issues and PRs related to the stream subsystem.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@jasnell @addaleax @aduh95 @zyscoder