zlib: fix node crashing on invalid options by aqrln · Pull Request #13098 · nodejs/node
The main reason behind this commit is fixing the Node process crashing when zlib rejects the given options. Besides that issue, which got reported and which is linked to this commit, it turned out that Node also used to crash when a non-numeric value was passed as the `windowBits` or the `memLevel` option. This was fixed somewhat inadvertently; initially it was just a stylistic change to avoid lines spanning longer than 80 characters that was written in a manner consistent with surrounding code. Fixes: nodejs#13082
added
c++
labels
May 18, 2017
aqrln
mentioned this pull request
Throw an Error synchronously instead of fiddling with 'error' events.
jasnell pushed a commit that referenced this pull request
May 28, 2017
This commit fixes the Node process crashing when constructors of classes
of the zlib module are given invalid options.
* Throw an Error when the zlib library rejects the value of windowBits,
instead of crashing with an assertion.
* Treat windowBits and memLevel options consistently with other ones and
don't crash when non-numeric values are given.
* Fix bugs in the validation logic:
- Don't conflate 0 and undefined when checking if a field of an
options object exists.
- Treat NaN and Infinity values the same way as values of invalid
types instead of allowing to actually set zlib options to NaN or
Infinity.
PR-URL: #13098
Fixes: #13082
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
Fishrock123
added
semver-major
and removed semver-major
PRs that contain breaking changes and should be released in the next major version.labels
Jun 5, 2017gibfahn pushed a commit to gibfahn/node that referenced this pull request
Jun 17, 2017
This is a partial backport of semver-patch bits of 9e4660b. This commit fixes the Node process crashing when constructors of classes of the zlib module are given invalid options. * Throw an Error when the zlib library rejects the value of windowBits, instead of crashing with an assertion. * Treat windowBits and memLevel options consistently with other ones and don't crash when non-numeric values are given. PR-URL: nodejs#13098 Backport-PR-URL: nodejs#13201 Fixes: nodejs#13082 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
gibfahn pushed a commit that referenced this pull request
Jun 20, 2017
This is a partial backport of semver-patch bits of 9e4660b. This commit fixes the Node process crashing when constructors of classes of the zlib module are given invalid options. * Throw an Error when the zlib library rejects the value of windowBits, instead of crashing with an assertion. * Treat windowBits and memLevel options consistently with other ones and don't crash when non-numeric values are given. PR-URL: #13098 Backport-PR-URL: #13201 Fixes: #13082 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
MylesBorins pushed a commit that referenced this pull request
Jul 11, 2017
This is a partial backport of semver-patch bits of 9e4660b. This commit fixes the Node process crashing when constructors of classes of the zlib module are given invalid options. * Throw an Error when the zlib library rejects the value of windowBits, instead of crashing with an assertion. * Treat windowBits and memLevel options consistently with other ones and don't crash when non-numeric values are given. PR-URL: #13098 Backport-PR-URL: #13201 Fixes: #13082 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
MylesBorins added a commit that referenced this pull request
Aug 1, 2017
This LTS release comes with 221 commits. This includes 80 which are
test related, 52 which are doc related, 32 which are build / tool
related and 10 commits which are updates to dependencies.
Notable Changes:
* configure:
- add mips64el to valid_arch (Aditya Anand)
- #13620
* crypto:
- Updated root certificates based on [NSS 3.30] (Ben Noordhuis)
- #13279
- #12402
- https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.30_release_notes
* deps:
- upgrade OpenSSL to version 1.0.2.l (Shigeki Ohtsu)
- #12913
* http:
- parse errors are now reported when NODE_DEBUG=http (Sam Roberts)
- #13206
- Agent construction can now be envoked without `new` (cjihrig)
- #12927
* zlib:
- node will now throw an Error when zlib rejects the value of windowBits,
instead of crashing (Alexey Orlenko)
- #13098
PR-URL: #14356
MylesBorins added a commit that referenced this pull request
Aug 1, 2017
This LTS release comes with 221 commits. This includes 80 which are
test related, 52 which are doc related, 32 which are build / tool
related and 10 commits which are updates to dependencies.
Notable Changes:
* configure:
- add mips64el to valid_arch (Aditya Anand)
- #13620
* crypto:
- Updated root certificates based on [NSS 3.30] (Ben Noordhuis)
- #13279
- #12402
- https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.30_release_notes
* deps:
- upgrade OpenSSL to version 1.0.2.l (Shigeki Ohtsu)
- #12913
* http:
- parse errors are now reported when NODE_DEBUG=http (Sam Roberts)
- #13206
- Agent construction can now be envoked without `new` (cjihrig)
- #12927
* zlib:
- node will now throw an Error when zlib rejects the value of windowBits,
instead of crashing (Alexey Orlenko)
- #13098
PR-URL: #14356
addaleax added a commit to addaleax/node that referenced this pull request
Aug 7, 2017
Unset `mode_` when initializing the zlib stream failed, so that we don’t try to call the zlib end functions (`deflateEnd()` etc.) when cleaning up in `ZCtx::Close()`. Fixes: nodejs#14178 Ref: nodejs#13098
This was referenced
Aug 7, 2017addaleax added a commit that referenced this pull request
Aug 9, 2017
Unset `mode_` when initializing the zlib stream failed, so that we don’t try to call the zlib end functions (`deflateEnd()` etc.) when cleaning up in `ZCtx::Close()`. Fixes: #14178 Ref: #13098 PR-URL: #14666 Reviewed-By: Refael Ackermann <refack@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Alexey Orlenko <eaglexrlnk@gmail.com>
addaleax added a commit that referenced this pull request
Aug 9, 2017
Unset `mode_` when initializing the zlib stream failed, so that we don’t try to call the zlib end functions (`deflateEnd()` etc.) when cleaning up in `ZCtx::Close()`. Fixes: #14178 Ref: #13098 PR-URL: #14666 Reviewed-By: Refael Ackermann <refack@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Alexey Orlenko <eaglexrlnk@gmail.com>
MylesBorins pushed a commit that referenced this pull request
Aug 12, 2017
Unset `mode_` when initializing the zlib stream failed, so that we don’t try to call the zlib end functions (`deflateEnd()` etc.) when cleaning up in `ZCtx::Close()`. Fixes: #14178 Ref: #13098 PR-URL: #14666 Reviewed-By: Refael Ackermann <refack@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Alexey Orlenko <eaglexrlnk@gmail.com>
aqrln added a commit to aqrln/node that referenced this pull request
Aug 16, 2017
This is a partial backport of semver-patch bits of 9e4660b. This commit fixes the Node process crashing when constructors of classes of the zlib module are given invalid options. * Throw an Error when the zlib library rejects the value of windowBits, instead of crashing with an assertion. * Treat windowBits and memLevel options consistently with other ones and don't crash when non-numeric values are given. PR-URL: nodejs#13098 Fixes: nodejs#13082 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
aqrln pushed a commit to aqrln/node that referenced this pull request
Aug 16, 2017
Unset `mode_` when initializing the zlib stream failed, so that we don’t try to call the zlib end functions (`deflateEnd()` etc.) when cleaning up in `ZCtx::Close()`. Fixes: nodejs#14178 Ref: nodejs#13098 PR-URL: nodejs#14666 Reviewed-By: Refael Ackermann <refack@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Alexey Orlenko <eaglexrlnk@gmail.com>
aqrln
mentioned this pull request
2 tasks
MylesBorins pushed a commit that referenced this pull request
Sep 19, 2017
This is a partial backport of semver-patch bits of 9e4660b. This commit fixes the Node process crashing when constructors of classes of the zlib module are given invalid options. * Throw an Error when the zlib library rejects the value of windowBits, instead of crashing with an assertion. * Treat windowBits and memLevel options consistently with other ones and don't crash when non-numeric values are given. Backport-PR-URL: #14860 PR-URL: #13098 Fixes: #13082 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
MylesBorins pushed a commit that referenced this pull request
Sep 19, 2017
Unset `mode_` when initializing the zlib stream failed, so that we don’t try to call the zlib end functions (`deflateEnd()` etc.) when cleaning up in `ZCtx::Close()`. Fixes: #14178 Ref: #13098 Backport-PR-URL: #14860 PR-URL: #14666 Reviewed-By: Refael Ackermann <refack@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Alexey Orlenko <eaglexrlnk@gmail.com>
MylesBorins pushed a commit that referenced this pull request
Oct 25, 2017
This is a partial backport of semver-patch bits of 9e4660b. This commit fixes the Node process crashing when constructors of classes of the zlib module are given invalid options. * Throw an Error when the zlib library rejects the value of windowBits, instead of crashing with an assertion. * Treat windowBits and memLevel options consistently with other ones and don't crash when non-numeric values are given. Backport-PR-URL: #14860 PR-URL: #13098 Fixes: #13082 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
MylesBorins pushed a commit that referenced this pull request
Oct 25, 2017
Unset `mode_` when initializing the zlib stream failed, so that we don’t try to call the zlib end functions (`deflateEnd()` etc.) when cleaning up in `ZCtx::Close()`. Fixes: #14178 Ref: #13098 Backport-PR-URL: #14860 PR-URL: #14666 Reviewed-By: Refael Ackermann <refack@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Alexey Orlenko <eaglexrlnk@gmail.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters