-
Notifications
You must be signed in to change notification settings - Fork 29.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
dgram: handle default address case when offset and length are specified #5407
Conversation
@@ -294,8 +302,7 @@ Socket.prototype.send = function(buffer, | |||
callback) { | |||
var self = this; | |||
|
|||
// same as arguments.length === 5 || arguments.length === 6 | |||
if (address) { | |||
if (address || port && !isFunction(port)) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
we've given up on util.is*()
, just do a typeof
instead
1797304
to
056e607
Compare
@rvagg updated! thanks! |
@@ -294,8 +301,7 @@ Socket.prototype.send = function(buffer, | |||
callback) { | |||
var self = this; | |||
|
|||
// same as arguments.length === 5 || arguments.length === 6 | |||
if (address) { | |||
if (address || port && typeof port !== 'function') { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
sorry, a very minor nit but I'd prefer brackets around the &&
section to be explicit although I don't know if we've set precedent elsewhere in the code
lgtm |
LGTM |
056e607
to
7ae7c48
Compare
@rvagg nit fixed. I'll wait for CI to come back online before merging. @mafintosh can you please check if this solves the problem for you? |
linking to release proposal: #5400 |
I have a failure on windows: https://ci.nodejs.org/job/node-test-binary-windows/1193/RUN_SUBSET=3,VS_VERSION=vs2013,label=win2008r2/tapTestReport/test.tap-49/ It's a timeout issue, maybe I should just increate the timeout? New run, without any changes: https://ci.nodejs.org/job/node-test-pull-request/1744/ |
Ok, it is definitely an issue on windows 2008r2 and windows 2012r2. Any idea? BTW, this case was not covered by unit tests before, so it might well be the default address was not working on windows. |
@mcollina what happens if you remove the timer from the test? |
7ae7c48
to
379f99e
Compare
I've increased the timeout by 10 times, let's see how it goes: https://ci.nodejs.org/job/node-test-pull-request/1750/. |
Ok, it seems this is problematic on windows. I'll check tomorrow on my windows box (or is there anybody that can help). Given there were no unit tests for this case before, it's possible that we have this bug on Windows even on previous releases - I'll check that as well. |
Confirmed, this does not work on windows at all (tested quickly in v4.2.4): 'use strict'
const dgram = require('dgram')
const socket = dgram.createSocket('udp4')
const port = 2222
const assert = require('assert')
const buf = new Buffer('hello')
socket.on('listening', () => {
socket.send(buf, 0, buf.length, port)
})
const timer = setTimeout(() => {
assert.fail('no message')
}, 1000)
socket.on('message', (rec) => {
assert.ok(rec.equals(buf), 'buffer do not matches')
clearTimeout(timer)
socket.close()
})
socket.bind(port) |
I might need some help to get this fixed and released soonish. @nodejs/platform-windows can you help me out (also the windows fix might need backport to LTS)? |
I can take a look, but before I do, can you try the following? Bind to 127.0.0.1 instead of letting the autobind magic work. Also, the target address should be specified IMHO. It may work somewhere by accident, but what does it mean to send a datagram to port 2222? As in, port 2222 of what IP address? |
I took a quick peek, and the internal lookup thing sets the address to '0.0.0.0' if undefined, that's not going to fly on all platforms, I'm afraid. |
@saghul binding to 127.0.0.1 does not work either.
I completely agree with you, but in the docs we support address to be optional (IMHO it should not be):
@mafintosh this means you had a bug in your library on windows systems anyway. We have an accidental behavior on which modules rely on, so I think we should keep supporting that, and maybe look for deprecating the default address (in dgram, net, tls, http, ...) in the next semver-major cycle for outgoing connections/messages. How can I rewrite the tests so that they are run only on Linux/Mac? Should I just add an if at the beginning and early return if windows? |
The docs actually say this: "It is possible, depending on the network configuration, that these defaults may not work; accordingly, it is best to be explicit about the destination address. " so, I suggest you write the test by passing the address and no rely on it being undefined. |
@saghul the bug we are trying to address here is that I (unintentionally) broke the old "half-broken" behavior:
To avoid any regressions, I am adding a unit test, because there was no one before. |
379f99e
to
07fec97
Compare
Tests passes, I've added a bit more of comments around it. Can I get a bunch of LGTM so we can land this? |
cc @silverwind |
LGTM as a short-term fix but not too happy about the Windows skip, it should be researched further. |
Landed in 725ffdb |
Fixes a regression introduced by: #4374. Adds a new test to avoid similar issue in the future. The test is disabled on windows, because this feature never worked there. Fixes: #5398 Reviewed-By: Roman Reiss <me@silverwind.io> Reviewed-By: Rod Vagg <rod@vagg.org> Reviewed-By: Evan Lucas <evanlucas@me.com>
Notable changes: * governance: The Core Technical Committee (CTC) added four new members to help guide Node.js core development: Evan Lucas, Rich Trott, Ali Ijaz Sheikh and Сковорода Никита Андреевич (Nikita Skovoroda). * openssl: Upgrade from 1.0.2f to 1.0.2g (Ben Noordhuis) #5507 - Fix a double-free defect in parsing malformed DSA keys that may potentially be used for DoS or memory corruption attacks. It is likely to be very difficult to use this defect for a practical attack and is therefore considered low severity for Node.js users. More info is available at https://www.openssl.org/news/vulnerabilities.html#2016-0705 - Fix a defect that can cause memory corruption in certain very rare cases relating to the internal `BN_hex2bn()` and `BN_dec2bn()` functions. It is believed that Node.js is not invoking the code paths that use these functions so practical attacks via Node.js using this defect are _unlikely_ to be possible. More info is available at https://www.openssl.org/news/vulnerabilities.html#2016-0797 - Fix a defect that makes the CacheBleed Attack (https://ssrg.nicta.com.au/projects/TS/cachebleed/) possible. This defect enables attackers to execute side-channel attacks leading to the potential recovery of entire RSA private keys. It only affects the Intel Sandy Bridge (and possibly older) microarchitecture when using hyper-threading. Newer microarchitectures, including Haswell, are unaffected. More info is available at https://www.openssl.org/news/vulnerabilities.html#2016-0702 * Fixed several regressions that appeared in v5.7.0: - path.relative(): - Output is no longer unnecessarily verbose (Brian White) #5389 - Resolving UNC paths on Windows now works correctly (Owen Smith) #5456 - Resolving paths with prefixes now works correctly from the root directory (Owen Smith) #5490 - url: Fixed an off-by-one error with `parse()` (Brian White) #5394 - dgram: Now correctly handles a default address case when offset and length are specified (Matteo Collina) #5407 PR-URL: #5464
Notable changes: * governance: The Core Technical Committee (CTC) added four new members to help guide Node.js core development: Evan Lucas, Rich Trott, Ali Ijaz Sheikh and Сковорода Никита Андреевич (Nikita Skovoroda). * openssl: Upgrade from 1.0.2f to 1.0.2g (Ben Noordhuis) nodejs#5507 - Fix a double-free defect in parsing malformed DSA keys that may potentially be used for DoS or memory corruption attacks. It is likely to be very difficult to use this defect for a practical attack and is therefore considered low severity for Node.js users. More info is available at https://www.openssl.org/news/vulnerabilities.html#2016-0705 - Fix a defect that can cause memory corruption in certain very rare cases relating to the internal `BN_hex2bn()` and `BN_dec2bn()` functions. It is believed that Node.js is not invoking the code paths that use these functions so practical attacks via Node.js using this defect are _unlikely_ to be possible. More info is available at https://www.openssl.org/news/vulnerabilities.html#2016-0797 - Fix a defect that makes the CacheBleed Attack (https://ssrg.nicta.com.au/projects/TS/cachebleed/) possible. This defect enables attackers to execute side-channel attacks leading to the potential recovery of entire RSA private keys. It only affects the Intel Sandy Bridge (and possibly older) microarchitecture when using hyper-threading. Newer microarchitectures, including Haswell, are unaffected. More info is available at https://www.openssl.org/news/vulnerabilities.html#2016-0702 * Fixed several regressions that appeared in v5.7.0: - path.relative(): - Output is no longer unnecessarily verbose (Brian White) nodejs#5389 - Resolving UNC paths on Windows now works correctly (Owen Smith) nodejs#5456 - Resolving paths with prefixes now works correctly from the root directory (Owen Smith) nodejs#5490 - url: Fixed an off-by-one error with `parse()` (Brian White) nodejs#5394 - dgram: Now correctly handles a default address case when offset and length are specified (Matteo Collina) nodejs#5407 PR-URL: nodejs#5464
In net we default to 'localhost' as the default address for connect. Not doing the same on dgram is confusing, because sending to 0.0.0.0 works on Linux/OS X but not on Windows. Defaulting that to 127.0.0.1 / ::1 addresses that. Related: nodejs#5407 Related: nodejs#5398 Fixes: nodejs#5487
In net we default to 'localhost' as the default address for connect. Not doing the same on dgram is confusing, because sending to 0.0.0.0 works on Linux/OS X but not on Windows. Defaulting that to 127.0.0.1 / ::1 addresses that. Related: #5407 Related: #5398 Fixes: #5487 PR-URL: #5493 Reviewed-By: Saúl Ibarra Corretgé <saghul@gmail.com> Reviewed-By: Roman Reiss <me@silverwind.io>
In net we default to 'localhost' as the default address for connect. Not doing the same on dgram is confusing, because sending to 0.0.0.0 works on Linux/OS X but not on Windows. Defaulting that to 127.0.0.1 / ::1 addresses that. Related: #5407 Related: #5398 Fixes: #5487 PR-URL: #5493 Reviewed-By: Saúl Ibarra Corretgé <saghul@gmail.com> Reviewed-By: Roman Reiss <me@silverwind.io>
In net we default to 'localhost' as the default address for connect. Not doing the same on dgram is confusing, because sending to 0.0.0.0 works on Linux/OS X but not on Windows. Defaulting that to 127.0.0.1 / ::1 addresses that. Related: #5407 Related: #5398 Fixes: #5487 PR-URL: #5493 Reviewed-By: Saúl Ibarra Corretgé <saghul@gmail.com> Reviewed-By: Roman Reiss <me@silverwind.io>
Fixes a regression introduced by: #4374. Adds a new test to avoid similar issue in the future. The test is disabled on windows, because this feature never worked there. Fixes: #5398 Reviewed-By: Roman Reiss <me@silverwind.io> Reviewed-By: Rod Vagg <rod@vagg.org> Reviewed-By: Evan Lucas <evanlucas@me.com>
Pull Request check-list
make -j8 test
(UNIX) orvcbuild test nosign
(Windows) pass withthis change (including linting)?
test (or a benchmark) included?
existing APIs, or introduces new ones)?
Affected core subsystem(s)
dgram
Description of change
Fixes a regression introduced by #4374 and released in 5.7.0.
Adds a new test to avoid similar issue in the future.
Fixes: #5398
Please review @jasnell @saghul @mafintosh @Fishrock123 @rvagg