buffer: validate list elements in Buffer.concat

[targos]

buffer: validate list elements in Buffer.concat

Without this change, if any of the elements in the list to be concatenated
is not a Buffer instance, the method fails with "buf.copy is not a function".
Make an instanceof check before using the copy method so that we can throw
a with a better message.

Fixes: #4949

[thefourtheye]

Or Buffer.isBuffer?

[targos]

I chose instanceof for consistency (Buffer.isBuffer is never used in this file).

[thefourtheye]

I was suggesting that because, if we change how we detect Buffers (which will be implemented in isBuffer) later on, then we don't have to change this line.

[targos]

OK, I changed it.

[cjihrig]

LGTM with one comment.

[thefourtheye]

LGTM with cjihrig's comment

[targos]

CI: https://ci.nodejs.org/job/node-test-commit/1978/

[targos]

Marking semver-major because of the error message change.

[cjihrig]

I'm not sure I would classify this as semver-major. This isn't a change to an existing error message. Every bug fix is technically a behavior change.

[targos]

I agree with you. Then it would be a candidate for LTS ?

[thefourtheye]

Overall, This looks to me as just an error message change. Does this qualify for backporting? @jasnell @thealphanerd

[cjihrig]

The existing code was already checking for an array, and throwing this same error. It was a bug on our part that we didn't do adequate checking.

[r-52]

LGTM

[rvagg]

@nodejs/lts this commit adds a new error string "list" argument must be an Array of Buffers, in addition to an existing list argument must be an Array of Buffers on everything but master due to a semver-major change to error messages. To remain consistent with the existing error message and to not introduce a new one that's different to the existing by two " characters, this commit should be changed to remove the "'s from lib/buffer.js as well as test/parallel/test-buffer-concat.js when cherry-picking.

[trevnorris]

@rvagg in that case shouldn't it just be changed in master as well? seems strange to only change it on cherry-pick.

[rvagg]

@trevnorris no because master has a change that unifies all error messages, giving them consistent formatting. So what's in this is correct and nice and consistent with the rest of the codebase but that's not true of v5.x and v4.x where we need to be internally consistent with this particular file and this particular function.

[rvagg]

#3374 thar it is, I think there may be more work ontop of that as well

[rvagg]

Removed lts-watch-v4.x, this is breaking in userland, see rvagg/bl#26, moscajs/mosca#412

[targos]

Should we label it as dont-land-on-v4.x then ?

[rvagg]

sure, done, but tbh I'm not sure if that's even used, @thealphanerd can you clarify how we should be using lts-watch-v4.x and/or dont-land-on-v4.x?

[MylesBorins]

@rvagg we definitely use dont-land-on-v4.x

lts-watch is applied when a PR needs to be reviewed
land-on is applied when a commit is in staging but not in a release
landed is applied when a commit has landed in a release

dont-land is added when we know a commit will not be backported. dont-land is particularly useful when doing audits of master to make sure we didn't miss anything