fs,permission: make handling of buffers consistent

tniessen · marco-ippolito · commit c0010ed1ab98 · 2024-05-02T11:19:26.000+02:00
Commit 2000c26 added explicit handling of Buffers to fs.symlink, but not to fs.symlinkSync or fs.promises.symlink. This change adapts the latter two functions to behave like fs.symlink. Refs: #49156 Refs: #51212 PR-URL: #52348 Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com> Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
diff --git a/lib/fs.js b/lib/fs.js
@@ -1791,7 +1791,11 @@ function symlinkSync(target, path, type) {
   if (permission.isEnabled()) {
     // The permission model's security guarantees fall apart in the presence of
     // relative symbolic links. Thus, we have to prevent their creation.
-    if (typeof target !== 'string' || !isAbsolute(toPathIfFileURL(target))) {
+    if (BufferIsBuffer(target)) {
+      if (!isAbsolute(BufferToString(target))) {
+        throw new ERR_ACCESS_DENIED('relative symbolic link target');
+      }
+    } else if (typeof target !== 'string' || !isAbsolute(toPathIfFileURL(target))) {
       throw new ERR_ACCESS_DENIED('relative symbolic link target');
     }
   }
diff --git a/lib/internal/fs/promises.js b/lib/internal/fs/promises.js
@@ -18,6 +18,7 @@ const {
   SymbolAsyncDispose,
   Uint8Array,
   FunctionPrototypeBind,
+  uncurryThis,
 } = primordials;
 
 const { fs: constants } = internalBinding('constants');
@@ -31,6 +32,8 @@ const {
 
 const binding = internalBinding('fs');
 const { Buffer } = require('buffer');
+const { isBuffer: BufferIsBuffer } = Buffer;
+const BufferToString = uncurryThis(Buffer.prototype.toString);
 
 const {
   codes: {
@@ -980,7 +983,11 @@ async function symlink(target, path, type_) {
   if (permission.isEnabled()) {
     // The permission model's security guarantees fall apart in the presence of
     // relative symbolic links. Thus, we have to prevent their creation.
-    if (typeof target !== 'string' || !isAbsolute(toPathIfFileURL(target))) {
+    if (BufferIsBuffer(target)) {
+      if (!isAbsolute(BufferToString(target))) {
+        throw new ERR_ACCESS_DENIED('relative symbolic link target');
+      }
+    } else if (typeof target !== 'string' || !isAbsolute(toPathIfFileURL(target))) {
       throw new ERR_ACCESS_DENIED('relative symbolic link target');
     }
   }

Original file line number	Diff line number	Diff line change
`@@ -1791,7 +1791,11 @@ function symlinkSync(target, path, type) {`
`1791`	`1791`	`if (permission.isEnabled()) {`
`1792`	`1792`	`// The permission model's security guarantees fall apart in the presence of`
`1793`	`1793`	`// relative symbolic links. Thus, we have to prevent their creation.`
`1794`		`- if (typeof target !== 'string' \|\| !isAbsolute(toPathIfFileURL(target))) {`
	`1794`	`+ if (BufferIsBuffer(target)) {`
	`1795`	`+ if (!isAbsolute(BufferToString(target))) {`
	`1796`	`+ throw new ERR_ACCESS_DENIED('relative symbolic link target');`
	`1797`	`+ }`
	`1798`	`+ } else if (typeof target !== 'string' \|\| !isAbsolute(toPathIfFileURL(target))) {`
`1795`	`1799`	`throw new ERR_ACCESS_DENIED('relative symbolic link target');`
`1796`	`1800`	`}`
`1797`	`1801`	`}`