archive/node
1
0
Fork 0
mirror of https://github.com/nodejs/node.git synced 2025-08-15 13:48:44 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

buffer: mark pool ArrayBuffer as untransferable

Browse source 
This removes a footgun in which users could attempt to transfer the
pooled ArrayBuffer underlying a regular `Buffer`, which would lead to
all `Buffer`s that share the same pool being rendered unusable as well,
and potentially break creation of new pooled `Buffer`s.

This disables this kind of transfer.

Refs: https://github.com/nodejs/node/issues/32752

PR-URL: https://github.com/nodejs/node/pull/32759
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Gus Caplan <me@gus.host>
Reviewed-By: James M Snell <jasnell@gmail.com>
This commit is contained in:
Anna Henningsen 2020-04-10 12:43:15 +02:00
parent 82d6726dcb
commit bb5e7097e8
No known key found for this signature in database
GPG key ID: A94130F0BFC8EBE9
2 changed files with 24 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

5
lib/buffer.js
View file

@ -59,11 +59,13 @@ const {
zeroFill: bindingZeroFill
} = internalBinding('buffer');
const {
arraybuffer_untransferable_private_symbol,
getOwnNonIndexProperties,
propertyFilter: {
ALL_PROPERTIES,
ONLY_ENUMERABLE
}
},
setHiddenValue,
} = internalBinding('util');
const {
customInspectSymbol,
@ -153,6 +155,7 @@ function createUnsafeBuffer(size) {
function createPool() {
poolSize = Buffer.poolSize;
allocPool = createUnsafeBuffer(poolSize).buffer;
setHiddenValue(allocPool, arraybuffer_untransferable_private_symbol, true);
poolOffset = 0;
}
createPool();