From 12f841dc6698fce8442dab50aee891e9b4a19545 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Micha=C3=ABl=20Zasso?=
Date: Thu, 28 Sep 2023 15:03:19 +0200
Subject: [PATCH 1/2] src: limit Buffer::kMaxLength to 1TB

This change has no real effect for now, as the V8 maximum typed array length is still 2**32. When V8 is updated to version 11.9 or later, the limit will be 2**53-1 on 64-bit architectures, much larger than any reasonable amount of RAM. This caps the limit at 1TB, which is already very large and corresponds to the maximum memory that AddressSanitizer allows to allocate.
Refs: https://github.com/nodejs/node/pull/49876
Refs: https://github.com/nodejs/node-v8/issues/268
---
 src/node_buffer.h | 4 +++-
 src/node_errors.h | 8 +++++---
 2 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/src/node_buffer.h b/src/node_buffer.h
index 606a6f5caa3b11..76d57d8384e729 100644
--- a/src/node_buffer.h
+++ b/src/node_buffer.h
@@ -29,7 +29,9 @@ namespace node {
 namespace Buffer {
-static const size_t kMaxLength = v8::TypedArray::kMaxLength;
+static constexpr size_t kMaxLength =
+ v8::TypedArray::kMaxLength < 0x10000000000ull ? v8::Uint8Array::kMaxLength : 0x10000000000ull;
 typedef void (*FreeCallback)(char* data, void* hint);
diff --git a/src/node_errors.h b/src/node_errors.h
index 569dafe82df83d..7a9778f5f00567 100644
--- a/src/node_errors.h
+++ b/src/node_errors.h
@@ -5,6 +5,7 @@
 #include "debug_utils-inl.h"
 #include "env.h"
+#include "node_buffer.h"
 #include "v8.h"
 // Use ostringstream to print exact-width integer types
@@ -216,9 +217,10 @@ inline void THROW_ERR_SCRIPT_EXECUTION_TIMEOUT(Environment* env,
 inline v8::Local ERR_BUFFER_TOO_LARGE(v8::Isolate* isolate) {
 char message[128];
- snprintf(message, sizeof(message),
- "Cannot create a Buffer larger than 0x%zx bytes",
- v8::TypedArray::kMaxLength);
+ snprintf(message,
+ sizeof(message),
+ "Cannot create a Buffer larger than 0x%zx bytes",
+ Buffer::kMaxLength);
 return ERR_BUFFER_TOO_LARGE(isolate, message);
 }
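Review bot: The new `kMaxLength` definition in src/node_buffer.h carries the 1 TiB cap as a bare `0x10000000000ull` literal in two places with no comment, so the reasoning that only the commit message gives (V8 11.9 raising the typed-array limit to 2**53-1, AddressSanitizer refusing larger allocations) is invisible at the point of use. I would hoist it into a named constant with the rationale attached, `constexpr unsigned long long kMaxLengthCap = 0x10000000000ull;  // 1 TiB: V8 >= 11.9 permits 2**53-1 on 64-bit, larger than ASan will allocate`, and use `kMaxLengthCap` in both the comparison and the fallback arm. Keep the comparison in `unsigned long long` rather than simplifying to `std::min<size_t>(...)`: the literal does not fit a 32-bit `size_t`, so the narrowing form would truncate it to 0 and every Buffer allocation on such a target would be rejected. The mismatch between the compared `v8::TypedArray::kMaxLength` and the selected `v8::Uint8Array::kMaxLength` is already corrected by the fixup in patch 2/2, so I am not raising it here.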
From 0c15d82b26bc4c63fc82f83c6646fe0a27f14057 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Micha=C3=ABl=20Zasso?=
Date: Sat, 30 Sep 2023 09:49:02 +0200
Subject: [PATCH 2/2] fixup! src: limit Buffer::kMaxLength to 1TB

---
 src/node_buffer.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/node_buffer.h b/src/node_buffer.h
index 76d57d8384e729..2a800600380c6c 100644
--- a/src/node_buffer.h
+++ b/src/node_buffer.h
@@ -30,7 +30,7 @@ namespace node {
 namespace Buffer {
 static constexpr size_t kMaxLength =
- v8::TypedArray::kMaxLength < 0x10000000000ull ? v8::Uint8Array::kMaxLength
+ v8::Uint8Array::kMaxLength < 0x10000000000ull ? v8::Uint8Array::kMaxLength
 : 0x10000000000ull;
 typedef void (*FreeCallback)(char* data, void* hint);
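Review bot: The corrected line now compares and selects `v8::Uint8Array::kMaxLength` consistently, but nothing at the definition says why that constant rather than `v8::TypedArray::kMaxLength` is the right bound, which is exactly the slip this fixup repairs and the next reader is likely to repeat. I would add above `static constexpr size_t kMaxLength =` the comment `// Buffer is backed by a Uint8Array, so its ceiling is Uint8Array::kMaxLength, clamped to 1 TiB (0x10000000000) so the limit stays allocatable in practice`; that Buffer is Uint8Array-backed is my reading of the operand choice, so confirm it before wording the comment that way. Because `Buffer::kMaxLength` is now the value the `ERR_BUFFER_TOO_LARGE` message reports (patch 1/2), it is worth grepping `src/` for any remaining direct use of `v8::TypedArray::kMaxLength` in a length check, so no path admits a size the error message says is rejected. The enclosing `namespace Buffer` continues outside the hunk.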