OSSForks/node
1
0
Fork 0
mirror of https://github.com/zebrajr/node.git synced 2025-12-06 12:20:27 +01:00
Code Issues Actions 8 Packages Projects Releases Wiki Activity

http2: do not crash on mismatched ping buffer length

Browse Source 
PR-URL: https://github.com/nodejs/node/pull/60135
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Tim Perry <pimterry@gmail.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
This commit is contained in:
René 2025-10-09 00:23:34 +01:00 committed by GitHub
parent 642a7c0d46
commit 535efea962
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 7 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
lib/internal/http2/core.js
View File

@ -1444,9 +1444,9 @@ class Http2Session extends EventEmitter {
} }
if (payload) { if (payload) {
validateBuffer(payload, 'payload'); validateBuffer(payload, 'payload');
} if (payload.byteLength !== 8) {
if (payload && payload.length !== 8) { throw new ERR_HTTP2_PING_LENGTH();
throw new ERR_HTTP2_PING_LENGTH(); }
} }
validateFunction(callback, 'callback'); validateFunction(callback, 'callback');

7
test/parallel/test-http2-ping.js
View File

@ -64,11 +64,11 @@ server.listen(0, common.mustCall(() => {
}))); })));
} }
{ {
const payload = Buffer.from('abcdefgi'); const payload = new Uint16Array([1, 2, 3, 4]);
assert(client.ping(payload, common.mustCall((err, duration, ret) => { assert(client.ping(payload, common.mustCall((err, duration, ret) => {
assert.strictEqual(err, null); assert.strictEqual(err, null);
assert.strictEqual(typeof duration, 'number'); assert.strictEqual(typeof duration, 'number');
assert.deepStrictEqual(payload, ret); assert.deepStrictEqual(payload.buffer, ret.buffer);
}))); })));
} }
@ -99,7 +99,8 @@ server.listen(0, common.mustCall(() => {
{ {
const shortPayload = Buffer.from('abcdefg'); const shortPayload = Buffer.from('abcdefg');
const longPayload = Buffer.from('abcdefghi'); const longPayload = Buffer.from('abcdefghi');
[shortPayload, longPayload].forEach((payloadWithInvalidLength) => const mismatchedPayload = new Uint32Array(8);
[shortPayload, longPayload, mismatchedPayload].forEach((payloadWithInvalidLength) =>
assert.throws( assert.throws(
() => client.ping(payloadWithInvalidLength), () => client.ping(payloadWithInvalidLength),
{ {