[njs] Fixed njs_buffer_slot().

Dmitry Volyntsev xeioex at nginx.com
Mon Sep 20 13:10:56 UTC 2021


details:   https://hg.nginx.org/njs/rev/6feba0e602ee
branches:  
changeset: 1707:6feba0e602ee
user:      Dmitry Volyntsev <xeioex at nginx.com>
date:      Fri Sep 17 18:29:40 2021 +0000
description:
Fixed njs_buffer_slot().

Previously, njs_buffer_slot() might return NULL value without setting
corresponding exception where user code expects it.

In addition the function is split into two functions.  The internal one
does not set anything to vm->retval.  This function has to be used by
property handlers, because they are expected not to modify vm->retval.

diffstat:

 src/njs_buffer.c         |  42 ++++++++++++++++++++++++------------------
 src/test/njs_unit_test.c |   6 ++++++
 2 files changed, 30 insertions(+), 18 deletions(-)

diffs (82 lines):

diff -r d1a43dc93e9d -r 6feba0e602ee src/njs_buffer.c
--- a/src/njs_buffer.c	Fri Sep 17 18:29:40 2021 +0000
+++ b/src/njs_buffer.c	Fri Sep 17 18:29:40 2021 +0000
@@ -572,30 +572,36 @@ njs_buffer_byte_length(njs_vm_t *vm, njs
 
 
 static njs_typed_array_t *
+njs_buffer_slot_internal(njs_vm_t *vm, njs_value_t *value)
+{
+    njs_typed_array_t  *array;
+
+    if (njs_is_object(value)) {
+        array = njs_object_proto_lookup(njs_object(value), NJS_TYPED_ARRAY,
+                                        njs_typed_array_t);
+
+        if (array != NULL && array->type == NJS_OBJ_TYPE_UINT8_ARRAY) {
+            return array;
+        }
+    }
+
+    return NULL;
+}
+
+
+static njs_typed_array_t *
 njs_buffer_slot(njs_vm_t *vm, njs_value_t *value, const char *name)
 {
     njs_typed_array_t  *array;
 
-    if (njs_slow_path(!njs_is_object(value))) {
-        goto failed;
-    }
-
-    array = njs_object_proto_lookup(njs_object(value), NJS_TYPED_ARRAY,
-                                    njs_typed_array_t);
-
-    if (njs_slow_path(array != NULL
-                      && array->type != NJS_OBJ_TYPE_UINT8_ARRAY))
-    {
-        goto failed;
+    array = njs_buffer_slot_internal(vm, value);
+    if (njs_slow_path(array == NULL)) {
+        njs_type_error(vm, "\"%s\" argument must be an instance "
+                           "of Buffer or Uint8Array", name);
+        return NULL;
     }
 
     return array;
-
-failed:
-
-    njs_type_error(vm, "\"%s\" argument must be an instance "
-                       "of Buffer or Uint8Array", name);
-    return NULL;
 }
 
 
@@ -902,7 +908,7 @@ njs_buffer_prototype_length(njs_vm_t *vm
 {
     njs_typed_array_t  *array;
 
-    array = njs_buffer_slot(vm, value, "this");
+    array = njs_buffer_slot_internal(vm, value);
     if (njs_slow_path(array == NULL)) {
         njs_set_undefined(retval);
         return NJS_DECLINED;
diff -r d1a43dc93e9d -r 6feba0e602ee src/test/njs_unit_test.c
--- a/src/test/njs_unit_test.c	Fri Sep 17 18:29:40 2021 +0000
+++ b/src/test/njs_unit_test.c	Fri Sep 17 18:29:40 2021 +0000
@@ -19538,6 +19538,12 @@ static njs_unit_test_t  njs_test[] =
               "})"),
       njs_str("true") },
 
+    { njs_str("Buffer.from([1,2]).equals(new ArrayBuffer(1))"),
+      njs_str("TypeError: \"target\" argument must be an instance of Buffer or Uint8Array") },
+
+    { njs_str("Buffer.from([1,2]).equals(1)"),
+      njs_str("TypeError: \"target\" argument must be an instance of Buffer or Uint8Array") },
+
     { njs_str("var buf = Buffer.alloc(4);"
               "buf.fill('ZXZpbA==', 'base64')"),
       njs_str("evil") },


More information about the nginx-devel mailing list