Skip to content

Commit 09f25af

Browse files
Andre Jodat-Danbranitargos
Andre Jodat-Danbrani
authored andcommitted
tls: throw if protocol too long
The convertProtocols() function now throws a range error when the byte length of a protocol is too long to fit in a Buffer. Also added a test case in test/parallel/test-tls-basic-validations.js to cover this. PR-URL: #23606 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
1 parent dd5afbe commit 09f25af

File tree

3 files changed

+25
-4
lines changed

3 files changed

+25
-4
lines changed

lib/internal/errors.js

+4-3
Original file line numberDiff line numberDiff line change
@@ -825,10 +825,11 @@ E('ERR_NO_ICU',
825825
'%s is not supported on Node.js compiled without ICU', TypeError);
826826
E('ERR_NO_LONGER_SUPPORTED', '%s is no longer supported', Error);
827827
E('ERR_OUT_OF_RANGE',
828-
(name, range, value) => {
829-
let msg = `The value of "${name}" is out of range.`;
828+
(str, range, input, replaceDefaultBoolean = false) => {
829+
let msg = replaceDefaultBoolean ? str :
830+
`The value of "${str}" is out of range.`;
830831
if (range !== undefined) msg += ` It must be ${range}.`;
831-
msg += ` Received ${value}`;
832+
msg += ` Received ${input}`;
832833
return msg;
833834
}, RangeError);
834835
E('ERR_REQUIRE_ESM', 'Must use import to load ES Module: %s', Error);

lib/tls.js

+8-1
Original file line numberDiff line numberDiff line change
@@ -21,7 +21,10 @@
2121

2222
'use strict';
2323

24-
const { ERR_TLS_CERT_ALTNAME_INVALID } = require('internal/errors').codes;
24+
const {
25+
ERR_TLS_CERT_ALTNAME_INVALID,
26+
ERR_OUT_OF_RANGE
27+
} = require('internal/errors').codes;
2528
const internalUtil = require('internal/util');
2629
const internalTLS = require('internal/tls');
2730
internalUtil.assertCrypto();
@@ -60,6 +63,10 @@ function convertProtocols(protocols) {
6063
const lens = new Array(protocols.length);
6164
const buff = Buffer.allocUnsafe(protocols.reduce((p, c, i) => {
6265
var len = Buffer.byteLength(c);
66+
if (len > 255) {
67+
throw new ERR_OUT_OF_RANGE('The byte length of the protocol at index ' +
68+
`${i} exceeds the maximum length.`, '<= 255', len, true);
69+
}
6370
lens[i] = len;
6471
return p + 1 + len;
6572
}, 0));

test/parallel/test-tls-basic-validations.js

+13
Original file line numberDiff line numberDiff line change
@@ -102,3 +102,16 @@ common.expectsError(
102102
assert(out.ALPNProtocols.equals(Buffer.from(expectView)));
103103
}
104104
}
105+
106+
{
107+
const protocols = [(new String('a')).repeat(500)];
108+
const out = {};
109+
common.expectsError(
110+
() => tls.convertALPNProtocols(protocols, out),
111+
{
112+
code: 'ERR_OUT_OF_RANGE',
113+
message: 'The byte length of the protocol at index 0 exceeds the ' +
114+
'maximum length. It must be <= 255. Received 500'
115+
}
116+
);
117+
}

0 commit comments

Comments
 (0)