buffer: use size_t instead of uint32_t to avoid segmentation fault #48033

Xstoudi · 2023-05-16T11:49:38Z

If tests are needed for this, I'll need some guidance about how to do it as I don't know how to test if something produce a segfault or not.

bnoordhuis

It's spelled uint32_t but LGTM apart from that. :-)

I spotted another bug while looking at the surrounding code: that CHECK(dlen >= slen * 2) a few lines up doesn't guard against overflow. Maybe good for a follow-up PR.

Xstoudi · 2023-05-16T20:59:48Z

Commit message amended.

I could fix that bug directly if needed but I'm not sure to understand in which case would it let an overflow happen?

bnoordhuis · 2023-05-17T14:34:39Z

Imagine size_t is 32 bits and slen == 0x80000001, then slen * 2 wraps around to 2.

As a bug it's mostly hypothetical but it's not entirely in the realm of the impossible.

Xstoudi · 2023-07-22T20:59:01Z

Any chance it get merged?

targos · 2023-07-24T07:16:57Z

@nodejs/cpp-reviewers

src/string_bytes.cc

nodejs-github-bot · 2023-12-23T16:44:15Z

CI: https://ci.nodejs.org/job/node-test-pull-request/56485/

nodejs-github-bot · 2024-05-10T17:43:19Z

CI: https://ci.nodejs.org/job/node-test-pull-request/59081/

Fixes: nodejs#46836

Co-authored-by: Tobias Nießen <tniessen@tnie.de>

nodejs-github-bot · 2024-05-11T09:18:05Z

CI: https://ci.nodejs.org/job/node-test-pull-request/59090/

src/string_bytes.cc

nodejs-github-bot · 2024-05-11T09:21:59Z

CI: https://ci.nodejs.org/job/node-test-pull-request/59091/

aduh95 · 2024-05-11T13:27:05Z

Landed in 05a941f

Fixes: #46836 PR-URL: #48033 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Minwoo Jung <nodecorelab@gmail.com> Reviewed-By: Shelley Vohr <shelley.vohr@gmail.com> Reviewed-By: Stephen Belanger <admin@stephenbelanger.com>

Fixes: nodejs#46836 PR-URL: nodejs#48033 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Minwoo Jung <nodecorelab@gmail.com> Reviewed-By: Shelley Vohr <shelley.vohr@gmail.com> Reviewed-By: Stephen Belanger <admin@stephenbelanger.com>

nodejs-github-bot added buffer Issues and PRs related to the buffer subsystem. c++ Issues and PRs that require attention from people who are familiar with C++. needs-ci PRs that need a full CI run. labels May 16, 2023

Xstoudi force-pushed the fix/segfault-hex-encode branch from 1c62637 to ed1b2fd Compare May 16, 2023 11:53

Xstoudi changed the title ~~fix: use size_t instead of uint_32_t to avoid segmentation fault~~ buffer: use size_t instead of uint_32_t to avoid segmentation fault May 16, 2023

bnoordhuis approved these changes May 16, 2023

View reviewed changes

Xstoudi force-pushed the fix/segfault-hex-encode branch from ed1b2fd to 73805bb Compare May 16, 2023 20:50

Xstoudi changed the title ~~buffer: use size_t instead of uint_32_t to avoid segmentation fault~~ buffer: use size_t instead of uint32_t to avoid segmentation fault May 16, 2023

bnoordhuis added request-ci Add this label to start a Jenkins CI on a PR. and removed needs-ci PRs that need a full CI run. labels May 17, 2023

github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label May 17, 2023

This comment was marked as outdated.

Sign in to view

lpinca approved these changes May 17, 2023

View reviewed changes

targos approved these changes May 17, 2023

View reviewed changes

jasnell approved these changes May 17, 2023

View reviewed changes

This comment was marked as outdated.

Sign in to view

github-actions bot mentioned this pull request May 18, 2023

CI Reliability 2023-05-18 nodejs/reliability#569

Open

20 tasks

This comment was marked as outdated.

Sign in to view

github-actions bot mentioned this pull request May 19, 2023

CI Reliability 2023-05-19 nodejs/reliability#570

Open

21 tasks

JungMinu approved these changes May 19, 2023

View reviewed changes

codebytere approved these changes Jul 24, 2023

View reviewed changes

aduh95 added the request-ci Add this label to start a Jenkins CI on a PR. label Aug 10, 2023

github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label Aug 10, 2023

This comment was marked as outdated.

Sign in to view

tniessen reviewed Aug 10, 2023

View reviewed changes

src/string_bytes.cc Outdated Show resolved Hide resolved

github-actions bot mentioned this pull request Aug 11, 2023

CI Reliability 2023-08-11 nodejs/reliability#634

Open

29 tasks

Qard approved these changes Dec 24, 2023

View reviewed changes

aduh95 added the request-ci Add this label to start a Jenkins CI on a PR. label May 10, 2024

github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label May 10, 2024

Xstoudi and others added 5 commits May 11, 2024 12:16

buffer: use size_t instead of uint32_t to avoid segmentation fault

ef83723

Fixes: nodejs#46836

fix: fix another potential overflow

855fd36

fix: remove blankline

ca4471a

fix: format cpp

98d8590

Apply suggestions from code review

d80d6ca

Co-authored-by: Tobias Nießen <tniessen@tnie.de>

aduh95 force-pushed the fix/segfault-hex-encode branch from e7ba2bf to d80d6ca Compare May 11, 2024 09:16

aduh95 reviewed May 11, 2024

View reviewed changes

src/string_bytes.cc Outdated Show resolved Hide resolved

format_cpp

62f99dc

aduh95 merged commit 05a941f into nodejs:main May 11, 2024
50 checks passed

targos mentioned this pull request May 13, 2024

v22.2.0 release proposal #52971

Merged

marco-ippolito mentioned this pull request Jun 17, 2024

v20.15.0 proposal #53486

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

buffer: use size_t instead of uint32_t to avoid segmentation fault #48033

buffer: use size_t instead of uint32_t to avoid segmentation fault #48033

Xstoudi commented May 16, 2023

bnoordhuis left a comment

Xstoudi commented May 16, 2023

bnoordhuis commented May 17, 2023

This comment was marked as outdated.

This comment was marked as outdated.

This comment was marked as outdated.

Xstoudi commented Jul 22, 2023

targos commented Jul 24, 2023

This comment was marked as outdated.

nodejs-github-bot commented Dec 23, 2023

nodejs-github-bot commented May 10, 2024

nodejs-github-bot commented May 11, 2024

nodejs-github-bot commented May 11, 2024

aduh95 commented May 11, 2024

buffer: use size_t instead of uint32_t to avoid segmentation fault #48033

buffer: use size_t instead of uint32_t to avoid segmentation fault #48033

Conversation

Xstoudi commented May 16, 2023

bnoordhuis left a comment

Choose a reason for hiding this comment

Xstoudi commented May 16, 2023

bnoordhuis commented May 17, 2023

This comment was marked as outdated.

This comment was marked as outdated.

This comment was marked as outdated.

Xstoudi commented Jul 22, 2023

targos commented Jul 24, 2023

This comment was marked as outdated.

nodejs-github-bot commented Dec 23, 2023

nodejs-github-bot commented May 10, 2024

nodejs-github-bot commented May 11, 2024

nodejs-github-bot commented May 11, 2024

aduh95 commented May 11, 2024