diff options
author | Сковорода Никита Андреевич <chalkerx@gmail.com> | 2016-09-16 08:07:23 +0300 |
---|---|---|
committer | Evan Lucas <evanlucas@me.com> | 2016-09-27 19:50:47 +0300 |
commit | 8fb8c4630361ca2c214728c22be0e5a911a92239 (patch) | |
tree | 9443f5d27b4a329913272ed539001d6d096efaae | |
parent | 743f0c916469f3129dfae406fa104dc46782e20b (diff) |
buffer: zero-fill uninitialized bytes in .concat()
This makes sure that no uninitialized bytes are leaked when the specified
`totalLength` input value is greater than the actual total length of the
specified buffers array, e.g. in Buffer.concat([Buffer.alloc(0)], 100).
PR-URL: https://github.com/nodejs/node-private/pull/64
Reviewed-By: Rod Vagg <rod@vagg.org>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
-rw-r--r-- | lib/buffer.js | 8 | ||||
-rw-r--r-- | test/parallel/test-buffer-concat.js | 24 |
2 files changed, 31 insertions, 1 deletions
diff --git a/lib/buffer.js b/lib/buffer.js index a4d14305f7a..94cfc2c8af9 100644 --- a/lib/buffer.js +++ b/lib/buffer.js @@ -311,6 +311,14 @@ Buffer.concat = function(list, length) { pos += buf.length; } + // Note: `length` is always equal to `buffer.length` at this point + if (pos < length) { + // Zero-fill the remaining bytes if the specified `length` was more than + // the actual total length, i.e. if we have some remaining allocated bytes + // there were not initialized. + buffer.fill(0, pos, length); + } + return buffer; }; diff --git a/test/parallel/test-buffer-concat.js b/test/parallel/test-buffer-concat.js index 3946b221415..800f1055aa6 100644 --- a/test/parallel/test-buffer-concat.js +++ b/test/parallel/test-buffer-concat.js @@ -1,5 +1,5 @@ 'use strict'; -require('../common'); +const common = require('../common'); const assert = require('assert'); const zero = []; @@ -38,3 +38,25 @@ function assertWrongList(value) { err.message === '"list" argument must be an Array of Buffers'; }); } + +const random10 = common.hasCrypto + ? require('crypto').randomBytes(10) + : Buffer.alloc(10, 1); +const empty = Buffer.alloc(0); + +assert.notDeepStrictEqual(random10, empty); +assert.notDeepStrictEqual(random10, Buffer.alloc(10)); + +assert.deepStrictEqual(Buffer.concat([], 100), empty); +assert.deepStrictEqual(Buffer.concat([random10], 0), empty); +assert.deepStrictEqual(Buffer.concat([random10], 10), random10); +assert.deepStrictEqual(Buffer.concat([random10, random10], 10), random10); +assert.deepStrictEqual(Buffer.concat([empty, random10]), random10); +assert.deepStrictEqual(Buffer.concat([random10, empty, empty]), random10); + +// The tail should be zero-filled +assert.deepStrictEqual(Buffer.concat([empty], 100), Buffer.alloc(100)); +assert.deepStrictEqual(Buffer.concat([empty], 4096), Buffer.alloc(4096)); +assert.deepStrictEqual( + Buffer.concat([random10], 40), + Buffer.concat([random10, Buffer.alloc(30)])); |