-
Notifications
You must be signed in to change notification settings - Fork 30.4k
/
Copy pathtest-buffer-write.js
93 lines (76 loc) Β· 3.23 KB
/
test-buffer-write.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
'use strict';
const common = require('../common');
const assert = require('assert');
const outsideBounds = common.expectsError({
code: 'ERR_BUFFER_OUT_OF_BOUNDS',
type: RangeError,
message: 'Attempt to write outside buffer bounds'
}, 2);
assert.throws(() => Buffer.alloc(9).write('foo', -1), outsideBounds);
assert.throws(() => Buffer.alloc(9).write('foo', 10), outsideBounds);
const resultMap = new Map([
['utf8', Buffer.from([102, 111, 111, 0, 0, 0, 0, 0, 0])],
['ucs2', Buffer.from([102, 0, 111, 0, 111, 0, 0, 0, 0])],
['ascii', Buffer.from([102, 111, 111, 0, 0, 0, 0, 0, 0])],
['latin1', Buffer.from([102, 111, 111, 0, 0, 0, 0, 0, 0])],
['binary', Buffer.from([102, 111, 111, 0, 0, 0, 0, 0, 0])],
['utf16le', Buffer.from([102, 0, 111, 0, 111, 0, 0, 0, 0])],
['base64', Buffer.from([102, 111, 111, 0, 0, 0, 0, 0, 0])],
['hex', Buffer.from([102, 111, 111, 0, 0, 0, 0, 0, 0])]
]);
// utf8, ucs2, ascii, latin1, utf16le
const encodings = ['utf8', 'utf-8', 'ucs2', 'ucs-2', 'ascii', 'latin1',
'binary', 'utf16le', 'utf-16le'];
encodings
.reduce((es, e) => es.concat(e, e.toUpperCase()), [])
.forEach((encoding) => {
const buf = Buffer.alloc(9);
const len = Buffer.byteLength('foo', encoding);
assert.strictEqual(buf.write('foo', 0, len, encoding), len);
if (encoding.includes('-'))
encoding = encoding.replace('-', '');
assert.deepStrictEqual(buf, resultMap.get(encoding.toLowerCase()));
});
// base64
['base64', 'BASE64'].forEach((encoding) => {
const buf = Buffer.alloc(9);
const len = Buffer.byteLength('Zm9v', encoding);
assert.strictEqual(buf.write('Zm9v', 0, len, encoding), len);
assert.deepStrictEqual(buf, resultMap.get(encoding.toLowerCase()));
});
// hex
['hex', 'HEX'].forEach((encoding) => {
const buf = Buffer.alloc(9);
const len = Buffer.byteLength('666f6f', encoding);
assert.strictEqual(buf.write('666f6f', 0, len, encoding), len);
assert.deepStrictEqual(buf, resultMap.get(encoding.toLowerCase()));
});
// Invalid encodings
for (let i = 1; i < 10; i++) {
const encoding = String(i).repeat(i);
const error = common.expectsError({
code: 'ERR_UNKNOWN_ENCODING',
type: TypeError,
message: `Unknown encoding: ${encoding}`
});
assert.ok(!Buffer.isEncoding(encoding));
assert.throws(() => Buffer.alloc(9).write('foo', encoding), error);
}
// UCS-2 overflow CVE-2018-12115
for (let i = 1; i < 4; i++) {
// Allocate two Buffers sequentially off the pool. Run more than once in case
// we hit the end of the pool and don't get sequential allocations
const x = Buffer.allocUnsafe(4).fill(0);
const y = Buffer.allocUnsafe(4).fill(1);
// Should not write anything, pos 3 doesn't have enough room for a 16-bit char
assert.strictEqual(x.write('ΡΡΡΡΡΡ', 3, 'ucs2'), 0);
// CVE-2018-12115 experienced via buffer overrun to next block in the pool
assert.strictEqual(Buffer.compare(y, Buffer.alloc(4, 1)), 0);
}
// Should not write any data when there is no space for 16-bit chars
const z = Buffer.alloc(4, 0);
assert.strictEqual(z.write('\u0001', 3, 'ucs2'), 0);
assert.strictEqual(Buffer.compare(z, Buffer.alloc(4, 0)), 0);
// Large overrun could corrupt the process
assert.strictEqual(Buffer.alloc(4)
.write('ΡΡΡΡΡΡ'.repeat(100), 3, 'utf16le'), 0);