tls: throw if protocol too long

The convertProtocols() function now throws a range error when the byte
length of a protocol is too long to fit in a Buffer.

Also added a test case in test/parallel/test-tls-basic-validations.js
to cover this.

PR-URL: https://github.com/nodejs/node/pull/23606
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>

1 files changed, 8 insertions, 1 deletions

diff --git a/lib/tls.js b/lib/tls.js
index 3335632c933..d6b86a41037 100644
--- a/lib/tls.js
+++ b/lib/tls.js
@@ -21,7 +21,10 @@
 
 'use strict';
 
-const { ERR_TLS_CERT_ALTNAME_INVALID } = require('internal/errors').codes;
+const {
+  ERR_TLS_CERT_ALTNAME_INVALID,
+  ERR_OUT_OF_RANGE
+} = require('internal/errors').codes;
 const internalUtil = require('internal/util');
 const internalTLS = require('internal/tls');
 internalUtil.assertCrypto();
@@ -60,6 +63,10 @@ function convertProtocols(protocols) {
   const lens = new Array(protocols.length);
   const buff = Buffer.allocUnsafe(protocols.reduce((p, c, i) => {
     var len = Buffer.byteLength(c);
+    if (len > 255) {
+      throw new ERR_OUT_OF_RANGE('The byte length of the protocol at index ' +
+        `${i} exceeds the maximum length.`, '<= 255', len, true);
+    }
     lens[i] = len;
     return p + 1 + len;
   }, 0));