-
Notifications
You must be signed in to change notification settings - Fork 29.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
buffer: throw on negative .allocUnsafe() argument #7079
Conversation
const err = new RangeError('"size" argument must not be negative'); | ||
Error.captureStackTrace(err, assertSize); | ||
throw err; | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
How about this abstraction:
function assertSize(size) {
let err = null;
if (typeof size !== 'number') err = new TypeError('"size" argument must be a number');
if (size < 0) err = new RangeError('"size" argument must not be negative');
if (err) {
// The following hides the 'assertSize' method from the
// callstack. This is done simply to hide the internal
// details of the implementation from bleeding out to users.
Error.captureStackTrace(err, assertSize);
throw err;
}
}
This could improve the comments for Error.captureStackTrace(err, assertSize);
. :-)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Updated with that, although I’m not it makes a huge difference ;)
Should this have 7.0 milestone? |
Only suggestion I may have is that |
Aside: we really ought to refactor the |
|
||
if (typeof size !== 'number') | ||
err = new TypeError('"size" argument must be a number'); | ||
if (size < 0) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Perhaps else if
here so that it wouldn't attempt to call .valueOf
etc. on objects?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In this case might as well add the test
assert.throws(() => Buffer.alloc({ valueOf: () => -1 }), /"size" argument must be a number/);
or swapping them would achieve the same logical effect.
5c9869e
to
fc43fe1
Compare
Updated with everyone’s comments, new CI: https://ci.nodejs.org/job/node-test-commit/3693/ |
LGTM |
1 similar comment
LGTM |
fc43fe1
to
a98022a
Compare
Rebased, new CI: https://ci.nodejs.org/job/node-test-commit/4408/ I’ll land this some time in the next couple of days. |
LGTM |
Just to clarify: this now also throws on negative |
Good catch. +1 |
Excellent question! To be honest I don't know. What do you think? On Thursday, August 4, 2016, Сковорода Никита Андреевич <
|
I think I'd be more in favor of just landing in v7. |
I'm ok with both and this still LGTM =). |
Works for me also. |
LGTM |
Add a check for `size < 0` to `assertSize()`, as passing a negative value almost certainly indicates a programming error. This also lines up the behaviour of `.allocUnsafe()` with the ones of `.alloc()` and `.allocUnsafeSlow()` (which previously threw errors from the Uint8Array constructor). Notably, this also affects `Buffer()` calls with negative arguments.
a98022a
to
be32633
Compare
Add a check for `size < 0` to `assertSize()`, as passing a negative value almost certainly indicates a programming error. This also lines up the behaviour of `.allocUnsafe()` with the ones of `.alloc()` and `.allocUnsafeSlow()` (which previously threw errors from the Uint8Array constructor). Notably, this also affects `Buffer()` calls with negative arguments. PR-URL: #7079 Reviewed-By: Trevor Norris <trev.norris@gmail.com> Reviewed-By: Сковорода Никита Андреевич <chalkerx@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Yorkie Liu <yorkiefixer@gmail.com>
I’ve gone ahead and landed this in 8f90dcc since there seems to be agreement that this can safely go into v7. |
The docs was not updated with this PR, was that intentional or would a PR for docs be welcome? |
@LinusU ... doc changes are always helpful! |
Notable Changes: * Buffer * Passing invalid input to Buffer.byteLength will now throw an error [nodejs#8946](nodejs#8946). * Calling Buffer without new is now deprecated and will emit a process warning [nodejs#8169](nodejs#8169). * Passing a negative number to allocUnsafe will now throw an error [nodejs#7079](nodejs#7079). * Child Process * The fork and execFile methods now have stronger argument validation [nodejs#7399](nodejs#7399). * Cluster * The worker.suicide method is deprecated and will emit a process warning [nodejs#3747](nodejs#3747). * Deps * V8 has been updated to 5.4.500.36 [nodejs#8317](nodejs#8317), [nodejs#8852](nodejs#8852), [nodejs#9253](nodejs#9253). * NODE_MODULE_VERSION has been updated to 51 [nodejs#8808](nodejs#8808). * File System * A process warning is emitted if a callback is not passed to async file system methods [nodejs#7897](nodejs#7897). * Intl * Intl.v8BreakIterator constructor has been deprecated and will emit a process warning [nodejs#8908](nodejs#8908). * Promises * Unhandled Promise rejections have been deprecated and will emit a process warning [nodejs#8217](nodejs#8217). * Punycode * The `punycode` module has been deprecated [nodejs#7941](nodejs#7941). * URL * An Experimental WHATWG URL Parser has been introduced [nodejs#7448](nodejs#7448).
Notable Changes: * Buffer * Passing invalid input to Buffer.byteLength will now throw an error [#8946](#8946). * Calling Buffer without new is now deprecated and will emit a process warning [#8169](#8169). * Passing a negative number to allocUnsafe will now throw an error [#7079](#7079). * Child Process * The fork and execFile methods now have stronger argument validation [#7399](#7399). * Cluster * The worker.suicide method is deprecated and will emit a process warning [#3747](#3747). * Deps * V8 has been updated to 5.4.500.36 [#8317](#8317), [#8852](#8852), [#9253](#9253). * NODE_MODULE_VERSION has been updated to 51 [#8808](#8808). * File System * A process warning is emitted if a callback is not passed to async file system methods [#7897](#7897). * Intl * Intl.v8BreakIterator constructor has been deprecated and will emit a process warning [#8908](#8908). * Promises * Unhandled Promise rejections have been deprecated and will emit a process warning [#8217](#8217). * Punycode * The `punycode` module has been deprecated [#7941](#7941). * URL * An Experimental WHATWG URL Parser has been introduced [#7448](#7448). PR-URL: #9099
Notable Changes: * Buffer * Passing invalid input to Buffer.byteLength will now throw an error [#8946](#8946). * Calling Buffer without new is now deprecated and will emit a process warning [#8169](#8169). * Passing a negative number to allocUnsafe will now throw an error [#7079](#7079). * Child Process * The fork and execFile methods now have stronger argument validation [#7399](#7399). * Cluster * The worker.suicide method is deprecated and will emit a process warning [#3747](#3747). * Deps * V8 has been updated to 5.4.500.36 [#8317](#8317), [#8852](#8852), [#9253](#9253). * NODE_MODULE_VERSION has been updated to 51 [#8808](#8808). * File System * A process warning is emitted if a callback is not passed to async file system methods [#7897](#7897). * Intl * Intl.v8BreakIterator constructor has been deprecated and will emit a process warning [#8908](#8908). * Promises * Unhandled Promise rejections have been deprecated and will emit a process warning [#8217](#8217). * Punycode * The `punycode` module has been deprecated [#7941](#7941). * URL * An Experimental WHATWG URL Parser has been introduced [#7448](#7448). PR-URL: #9099
Notable Changes: * Buffer * Passing invalid input to Buffer.byteLength will now throw an error [#8946](nodejs/node#8946). * Calling Buffer without new is now deprecated and will emit a process warning [#8169](nodejs/node#8169). * Passing a negative number to allocUnsafe will now throw an error [#7079](nodejs/node#7079). * Child Process * The fork and execFile methods now have stronger argument validation [#7399](nodejs/node#7399). * Cluster * The worker.suicide method is deprecated and will emit a process warning [#3747](nodejs/node#3747). * Deps * V8 has been updated to 5.4.500.36 [#8317](nodejs/node#8317), [#8852](nodejs/node#8852), [#9253](nodejs/node#9253). * NODE_MODULE_VERSION has been updated to 51 [#8808](nodejs/node#8808). * File System * A process warning is emitted if a callback is not passed to async file system methods [#7897](nodejs/node#7897). * Intl * Intl.v8BreakIterator constructor has been deprecated and will emit a process warning [#8908](nodejs/node#8908). * Promises * Unhandled Promise rejections have been deprecated and will emit a process warning [#8217](nodejs/node#8217). * Punycode * The `punycode` module has been deprecated [#7941](nodejs/node#7941). * URL * An Experimental WHATWG URL Parser has been introduced [#7448](nodejs/node#7448). Signed-off-by: Ilkka Myller <ilkka.myller@nodefield.com>
Checklist
Affected core subsystem(s)
buffer
Description of change
Add a check for
size < 0
toassertSize()
, as passing a negative value almost certainly indicates a programming error.This also lines up the behaviour of
.allocUnsafe()
with the ones of.alloc()
and.allocUnsafeSlow()
(which previously threw errors from the Uint8Array constructor).CI: https://ci.nodejs.org/job/node-test-commit/3599/