archive/node
1
0
Fork 0
mirror of https://github.com/nodejs/node.git synced 2025-08-16 06:08:50 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

napi: fix memory corruption vulnerability

Browse source 
Fixes: https://hackerone.com/reports/784186
CVE-ID: CVE-2020-8174
PR-URL: https://github.com/nodejs-private/node-private/pull/195
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Gabriel Schulhof <gabriel.schulhof@intel.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
This commit is contained in:
Tobias Nießen 2020-01-27 13:38:36 -04:00 committed by Michaël Zasso
parent 0cb194ec6a
commit 656260b4b6
No known key found for this signature in database
GPG key ID: 770F7A9A5AE15600
3 changed files with 31 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

2
test/js-native-api/test_string/test.js
View file

@ -81,3 +81,5 @@ assert.throws(() => {
assert.throws(() => {
test_string.TestLargeUtf16();
}, /^Error: Invalid argument$/);
test_string.TestMemoryCorruption(' '.repeat(64 * 1024));