(v6.x backport) zlib: fix node crashing on invalid options #13201

aqrln · 2017-05-24T17:50:32Z

This is a partial backport of semver-patch bits of 9e4660b.

This commit fixes the Node process crashing when constructors of classes
of the zlib module are given invalid options.

Throw an Error when the zlib library rejects the value of windowBits,
instead of crashing with an assertion.
Treat windowBits and memLevel options consistently with other ones and
don't crash when non-numeric values are given.

Refs: #13098

Checklist

make -j4 test (UNIX), or vcbuild test (Windows) passes
tests and/or benchmarks are included
documentation is changed or added
commit message follows commit guidelines

Affected core subsystem(s)

zlib

This is a partial backport of semver-patch bits of 9e4660b. This commit fixes the Node process crashing when constructors of classes of the zlib module are given invalid options. * Throw an Error when the zlib library rejects the value of windowBits, instead of crashing with an assertion. * Treat windowBits and memLevel options consistently with other ones and don't crash when non-numeric values are given. Refs: nodejs#13098

sam-github · 2017-05-24T18:44:23Z

src/node_zlib.cc

    ctx->dictionary_ = reinterpret_cast<Bytef *>(dictionary);
    ctx->dictionary_len_ = dictionary_len;

    ctx->write_in_progress_ = false;
    ctx->init_done_ = true;
+
+    if (ctx->err_ != Z_OK) {
+      if (dictionary != nullptr) {


fwiw, you don't need the conditional, the following two lines of code can run correctly whether dictionary is nullptr or not.

Oh, nice. Thanks.

refack

LGTM % small nits

refack · 2017-05-25T02:52:47Z

lib/zlib.js

+  var memLevel = exports.Z_DEFAULT_MEMLEVEL;
+  if (typeof opts.memLevel === 'number') memLevel = opts.memLevel;
+
+  this._handle.init(windowBits || exports.Z_DEFAULT_WINDOWBITS,


If your changing this line anyway, IMHO handle the fallback in 383 (opts.windowBits && typeof...)

refack · 2017-05-25T02:52:53Z

lib/zlib.js

                    level,
-                    opts.memLevel || exports.Z_DEFAULT_MEMLEVEL,
+                    memLevel || exports.Z_DEFAULT_MEMLEVEL,


refack · 2017-05-25T02:54:29Z

test/parallel/test-zlib-failed-init.js

+
+// For raw deflate encoding, requests for 256-byte windows are rejected as
+// invalid by zlib.
+// (http://zlib.net/manual.html#Advanced)


~~change to:~~
~~Ref: http://zlib.net/manual.html#Advanced~~

Dismissed

Not a good idea to change this one since that's how it is already committed to master.

refack

Win! 💯
(appreciated all the branch juggling you did for that)

aqrln · 2017-05-25T08:27:41Z

CI: https://ci.nodejs.org/job/node-test-pull-request/8297/

MylesBorins · 2017-05-30T16:36:27Z

This can land once we do the next v6.x release

gibfahn · 2017-06-17T19:00:51Z

CI: https://ci.nodejs.org/job/node-test-commit/10630/

This is a partial backport of semver-patch bits of 9e4660b. This commit fixes the Node process crashing when constructors of classes of the zlib module are given invalid options. * Throw an Error when the zlib library rejects the value of windowBits, instead of crashing with an assertion. * Treat windowBits and memLevel options consistently with other ones and don't crash when non-numeric values are given. PR-URL: nodejs#13098 Backport-PR-URL: nodejs#13201 Fixes: nodejs#13082 Reviewed-By: Anna Henningsen <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Sakthipriyan Vairamani <[email protected]>

gibfahn · 2017-06-17T21:47:46Z

Landed in 321c90f

This is a partial backport of semver-patch bits of 9e4660b. This commit fixes the Node process crashing when constructors of classes of the zlib module are given invalid options. * Throw an Error when the zlib library rejects the value of windowBits, instead of crashing with an assertion. * Treat windowBits and memLevel options consistently with other ones and don't crash when non-numeric values are given. PR-URL: #13098 Backport-PR-URL: #13201 Fixes: #13082 Reviewed-By: Anna Henningsen <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Sakthipriyan Vairamani <[email protected]>

addaleax · 2017-08-07T15:31:08Z

This should probably be released together with #14666

nodejs-github-bot added c++ Issues and PRs that require attention from people who are familiar with C++. v6.x zlib Issues and PRs related to the zlib subsystem. labels May 24, 2017

aqrln changed the title ~~zlib: fix node crashing on invalid options~~ (v6.x backport) zlib: fix node crashing on invalid options May 24, 2017

sam-github reviewed May 24, 2017

View reviewed changes

sam-github approved these changes May 24, 2017

View reviewed changes

refack approved these changes May 25, 2017

View reviewed changes

squash! address the nits

9fa7d7d

refack approved these changes May 25, 2017

View reviewed changes

lpinca approved these changes May 25, 2017

View reviewed changes

jasnell approved these changes May 25, 2017

View reviewed changes

gibfahn closed this Jun 17, 2017

aqrln deleted the v6.x-backport-13098 branch June 18, 2017 09:47

addaleax mentioned this pull request Aug 7, 2017

test: parallel/test-zlib-failed-init, intermittent crash #14178

Closed

aqrln mentioned this pull request Aug 16, 2017

(v4.x-backport) zlib: fix crash when initializing failed #14860

Closed

2 tasks

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

(v6.x backport) zlib: fix node crashing on invalid options #13201

(v6.x backport) zlib: fix node crashing on invalid options #13201

aqrln commented May 24, 2017

sam-github May 24, 2017

aqrln May 24, 2017

refack left a comment

refack May 25, 2017

refack May 25, 2017

refack May 25, 2017 •

edited

Loading

aqrln May 25, 2017

refack May 25, 2017

refack left a comment •

edited

Loading

aqrln commented May 25, 2017

MylesBorins commented May 30, 2017

gibfahn commented Jun 17, 2017

gibfahn commented Jun 17, 2017

addaleax commented Aug 7, 2017

(v6.x backport) zlib: fix node crashing on invalid options #13201

(v6.x backport) zlib: fix node crashing on invalid options #13201

Conversation

aqrln commented May 24, 2017

Checklist

Affected core subsystem(s)

sam-github May 24, 2017

Choose a reason for hiding this comment

aqrln May 24, 2017

Choose a reason for hiding this comment

refack left a comment

Choose a reason for hiding this comment

refack May 25, 2017

Choose a reason for hiding this comment

refack May 25, 2017

Choose a reason for hiding this comment

refack May 25, 2017 • edited Loading

Choose a reason for hiding this comment

aqrln May 25, 2017

Choose a reason for hiding this comment

refack May 25, 2017

Choose a reason for hiding this comment

refack left a comment • edited Loading

Choose a reason for hiding this comment

aqrln commented May 25, 2017

MylesBorins commented May 30, 2017

gibfahn commented Jun 17, 2017

gibfahn commented Jun 17, 2017

addaleax commented Aug 7, 2017

refack May 25, 2017 •

edited

Loading

refack left a comment •

edited

Loading