From 1ee2b0630010a273c36bdd49e909690f376a0772 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Micha=C3=ABl=20Zasso?=
Date: Thu, 28 Sep 2023 15:03:19 +0200
Subject: [PATCH] src: limit Buffer::kMaxLength to 1TB

This change has no real effect for now, as the V8 maximum typed array length is still 2**32. When V8 is updated to version 11.9 or later, the limit will be 2**53-1 on 64-bit architectures, much larger than any reasonable amount of RAM. This caps the limit at 1TB, which is already very large and corresponds to the maximum memory that AddressSanitizer allows to allocate.

Refs: https://github.com/nodejs/node/pull/49876
Refs: https://github.com/nodejs/node-v8/issues/268
---
 src/node_buffer.h | 4 +++-
 src/node_errors.h | 8 +++++---
 2 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/src/node_buffer.h b/src/node_buffer.h
index 606a6f5caa3..76d57d8384e 100644
--- a/src/node_buffer.h
+++ b/src/node_buffer.h
@@ -29,7 +29,9 @@ namespace node {
 namespace Buffer {
-static const size_t kMaxLength = v8::TypedArray::kMaxLength;
+static constexpr size_t kMaxLength =
+ v8::TypedArray::kMaxLength < 0x10000000000ull ? v8::Uint8Array::kMaxLength
+ : 0x10000000000ull;
 typedef void (*FreeCallback)(char* data, void* hint);
diff --git a/src/node_errors.h b/src/node_errors.h
index 569dafe82df..7a9778f5f00 100644
--- a/src/node_errors.h
+++ b/src/node_errors.h
@@ -5,6 +5,7 @@
 #include "debug_utils-inl.h"
 #include "env.h"
+#include "node_buffer.h"
 #include "v8.h"
 // Use ostringstream to print exact-width integer types
@@ -216,9 +217,10 @@ inline void THROW_ERR_SCRIPT_EXECUTION_TIMEOUT(Environment* env,
 inline v8::Local ERR_BUFFER_TOO_LARGE(v8::Isolate* isolate) {
 char message[128];
- snprintf(message, sizeof(message),
- "Cannot create a Buffer larger than 0x%zx bytes",
- v8::TypedArray::kMaxLength);
+ snprintf(message,
+ sizeof(message),
+ "Cannot create a Buffer larger than 0x%zx bytes",
+ Buffer::kMaxLength);
 return ERR_BUFFER_TOO_LARGE(isolate, message);
 }
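Review bot: The new `kMaxLength` initializer in node_buffer.h compares `v8::TypedArray::kMaxLength` against the cap but yields `v8::Uint8Array::kMaxLength` in the true branch, so if those two V8 constants ever diverge the value that is tested and the value that is selected will not be the same limit. Use one constant on both sides, `v8::Uint8Array::kMaxLength < 0x10000000000ull ? v8::Uint8Array::kMaxLength` (a Buffer is byte-addressed, so the Uint8Array bound is the relevant one), and give the literal a name rather than repeating it, `constexpr size_t kOneTerabyte = 0x10000000000ull;`. Since this constant is the bound that gates every Buffer allocation, the rationale from the commit message belongs next to it in code: `// Cap at 1 TiB (2**40 bytes): larger requests are far more likely to fail allocation than to succeed, and it matches the maximum AddressSanitizer will allocate.`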
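Review bot: node_errors.h now includes node_buffer.h solely for `Buffer::kMaxLength`, so it is worth confirming that node_buffer.h does not itself include node_errors.h, directly or through its own includes, since a cycle between the two headers would make compilation depend on inclusion order; that cannot be verified from the hunk alone. A short comment on the directive, `#include "node_buffer.h"  // for Buffer::kMaxLength`, records why the dependency exists so it is not dropped later as unused.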
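Review bot: The coupling between the error text and the enforced limit is the substantive part of the ERR_BUFFER_TOO_LARGE hunk and deserves a comment, because once the Buffer cap can be lower than V8's typed-array limit an error message quoting the V8 value would misstate the bound the caller actually hit: `// Quote Buffer::kMaxLength, not V8's limit: the Buffer cap may be the lower of the two.` `%zx` matches the `size_t` type of the constant, and the 128-byte stack buffer leaves ample room for a 16-digit hex value plus the fixed text, so `snprintf` cannot truncate here; if that buffer is ever shrunk, the unchecked return value would silently yield a shortened message rather than a detectable error. The function is fully visible within the hunk.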