From 960a20928f41e4805b9d37c57a026189af2864bd Mon Sep 17 00:00:00 2001 From: Keyhan Vakil Date: Fri, 5 Aug 2022 21:01:22 -0700 Subject: [PATCH] src: prevent copying ArrayBufferViewContents MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit It is error-prone to copy or heap-allocate `ArrayBufferViewContents`, because you might accidentally cause it to exceed the lifetime of its argument. Let's make it impossible to do so. Fortunately we were not doing so anywhere already, so this diff is purely defensive. Refs: https://github.com/nodejs/node/pull/44079#discussion_r934376046 PR-URL: https://github.com/nodejs/node/pull/44091 Reviewed-By: Anna Henningsen Reviewed-By: Feng Yu Reviewed-By: Tobias Nießen --- src/util.h | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/src/util.h b/src/util.h index 290862e21c1144..3f58dd0a86d57b 100644 --- a/src/util.h +++ b/src/util.h @@ -498,6 +498,9 @@ class ArrayBufferViewContents { public: ArrayBufferViewContents() = default; + ArrayBufferViewContents(const ArrayBufferViewContents&) = delete; + void operator=(const ArrayBufferViewContents&) = delete; + explicit inline ArrayBufferViewContents(v8::Local value); explicit inline ArrayBufferViewContents(v8::Local value); explicit inline ArrayBufferViewContents(v8::Local abv); @@ -507,6 +510,13 @@ class ArrayBufferViewContents { inline size_t length() const { return length_; } private: + // Declaring operator new and delete as deleted is not spec compliant. + // Therefore, declare them private instead to disable dynamic alloc. + void* operator new(size_t size); + void* operator new[](size_t size); + void operator delete(void*, size_t); + void operator delete[](void*, size_t); + T stack_storage_[kStackStorageSize]; T* data_ = nullptr; size_t length_ = 0;