From ef27d56cc12ed34f4f8b4565304556a3fe426f30 Mon Sep 17 00:00:00 2001 From: isaacs Date: Tue, 30 Aug 2011 08:35:16 -0700 Subject: [PATCH 1/4] Fixes #1610 Remove DigiNotar CA from trusted list Details: https://threatpost.com/en_us/blogs/attackers-obtain-valid-cert-google-domains-mozilla-moves-revoke-it-082911 http://www.coriolis-systems.com/blog/2011/08/diginotar-certificate-security.php --- src/node_root_certs.h | 29 ----------------------------- 1 file changed, 29 deletions(-) diff --git a/src/node_root_certs.h b/src/node_root_certs.h index c82fde8f00c..140ec6f946f 100644 --- a/src/node_root_certs.h +++ b/src/node_root_certs.h @@ -2667,35 +2667,6 @@ const char* root_certs[] = { "+8cFduPYSo38NBejxiEovjBFMR7HeL5YYTisO+IBZQ==\n" "-----END CERTIFICATE-----\n", - // "DigiNotar Root CA" - "-----BEGIN CERTIFICATE-----\n" - "MIIFijCCA3KgAwIBAgIQDHbanJEMTiye/hXQWJM8TDANBgkqhkiG9w0BAQUFADBfMQswCQYDVQQG\n" - "EwJOTDESMBAGA1UEChMJRGlnaU5vdGFyMRowGAYDVQQDExFEaWdpTm90YXIgUm9vdCBDQTEgMB4G\n" - "CSqGSIb3DQEJARYRaW5mb0BkaWdpbm90YXIubmwwHhcNMDcwNTE2MTcxOTM2WhcNMjUwMzMxMTgx\n" - "OTIxWjBfMQswCQYDVQQGEwJOTDESMBAGA1UEChMJRGlnaU5vdGFyMRowGAYDVQQDExFEaWdpTm90\n" - "YXIgUm9vdCBDQTEgMB4GCSqGSIb3DQEJARYRaW5mb0BkaWdpbm90YXIubmwwggIiMA0GCSqGSIb3\n" - "DQEBAQUAA4ICDwAwggIKAoICAQCssFjBAL3YIQgLK5r+blYwBZ8bd5AQQVzDDYcRd46B8cp86Yxq\n" - "7Th0Nbva3/m7wAk3tJZzgX0zGpg595NvlX89ubF1h7pRSOiLcD6VBMXYtsMW2YiwsYcdcNqGtA8U\n" - "i3rPENF0NqISe3eGSnnme98CEWilToauNFibJBN4ViIlHgGLS1Fx+4LMWZZpiFpoU8W5DQI3y0u8\n" - "ZkqQfioLBQftFl9VkHXYRskbg+IIvvEjzJkd1ioPgyAVWCeCLvriIsJJsbkBgWqdbZ1Ad2h2TiEq\n" - "bYRAhU52mXyC8/O3AlnUJgEbjt+tUwbRrhjd4rI6y9eIOI6sWym5GdOY+RgDz0iChmYLG2kPyes4\n" - "iHomGgVMktck1JbyrFIto0fVUvY//s6EBnCmqj6i8rZWNBhXouSBbefK8GrTx5FrAoNBfBXva5pk\n" - "XuPQPOWx63tdhvvL5ndJzaNl3Pe5nLjkC1+Tz8wwGjIczhxjlaX56uF0i57pK6kwe6AYHw4YC+Vb\n" - "qdPRbB4HZ4+RS6mKvNJmqpMBiLKR+jFc1abBUggJzQpjotMipuih2TkGl/VujQKQjBR7P4DNG5y6\n" - "xFhyI6+2Vp/GekIzKQc/gsnmHwUNzUwoNovTyD4cxojvXu6JZOkd69qJfjKmadHdzIif0dDJZiHc\n" - "BmfFlHqabWJMfczgZICynkeOowIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQE\n" - "AwIBBjAdBgNVHQ4EFgQUiGi/4I41xDs4a2L3KDuEgcgM100wDQYJKoZIhvcNAQEFBQADggIBADsC\n" - "jcs8MOhuoK3yc7NfniUTBAXT9uOLuwt5zlPe5JbF0a9zvNXD0EBVfEB/zRtfCdXyfJ9oHbtdzno5\n" - "wozWmHvFg1Wo1X1AyuAe94leY12hE8JdiraKfADzI8PthV9xdvBoY6pFITlIYXg23PFDk9Qlx/KA\n" - "ZeFTAnVR/Ho67zerhChXDNjU1JlWbOOi/lmEtDHoM/hklJRRl6s5xUvt2t2AC298KQ3EjopyDedT\n" - "FLJgQT2EkTFoPSdE2+Xe9PpjRchMPpj1P0G6Tss3DbpmmPHdy59c91Q2gmssvBNhl0L4eLvMyKKf\n" - "yvBovWsdst+Nbwed2o5nx0ceyrm/KkKRt2NTZvFCo+H0Wk1Ya7XkpDOtXHAd3ODy63MUkZoDweoA\n" - "ZbwH/M8SESIsrqC9OuCiKthZ6SnTGDWkrBFfGbW1G/8iSlzGeuQX7yCpp/Q/rYqnmgQlnQ7KN+ZQ\n" - "/YxCKQSa7LnPS3K94gg2ryMvYuXKAdNw23yCIywWMQzGNgeQerEfZ1jEO1hZibCMjFCz2IbLaKPE\n" - "CudpSyDOwR5WS5WpI2jYMNjD67BVUc3l/Su49bsRn1NU9jQZjHkJNsphFyUXC4KYcwx3dMPVDceo\n" - "EkzHp1RxRy4sGn3J4ys7SN4nhKdjNrN9j6BkOSQNPXuHr2ZcdBtLc7LljPCGmbjlxd+Ewbfr\n" - "-----END CERTIFICATE-----\n", - // "Network Solutions Certificate Authority" "-----BEGIN CERTIFICATE-----\n" "MIID5jCCAs6gAwIBAgIQV8szb8JcFuZHFhfjkDFo4DANBgkqhkiG9w0BAQUFADBiMQswCQYDVQQG\n" From 96ede8cc9b946e23482f855b19428868cab6021a Mon Sep 17 00:00:00 2001 From: koichik Date: Thu, 1 Sep 2011 16:48:35 +0900 Subject: [PATCH 2/4] buffer: Avoid overrun with 'binary' encoding. Fixes #1624. --- src/node_buffer.cc | 6 ++++-- test/simple/test-buffer.js | 6 ++++++ 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/src/node_buffer.cc b/src/node_buffer.cc index 75573920e06..961edfcae97 100644 --- a/src/node_buffer.cc +++ b/src/node_buffer.cc @@ -667,9 +667,11 @@ Handle Buffer::BinaryWrite(const Arguments &args) { char *p = (char*)buffer->data_ + offset; - size_t towrite = MIN((unsigned long) s->Length(), buffer->length_ - offset); + size_t max_length = args[2]->IsUndefined() ? buffer->length_ - offset + : args[2]->Uint32Value(); + max_length = MIN(s->Length(), MIN(buffer->length_ - offset, max_length)); - int written = DecodeWrite(p, towrite, s, BINARY); + int written = DecodeWrite(p, max_length, s, BINARY); return scope.Close(Integer::New(written)); } diff --git a/test/simple/test-buffer.js b/test/simple/test-buffer.js index 6b35d726f6d..c24dbc6433e 100644 --- a/test/simple/test-buffer.js +++ b/test/simple/test-buffer.js @@ -553,3 +553,9 @@ assert.equal(written, 9); written = buf.write('あいう\0'); // 3bytes * 3 + 1byte assert.equal(written, 10); +// test for buffer overrun +buf = new Buffer([0, 0, 0, 0, 0]); // length: 5 +var sub = buf.slice(0, 4); // length: 4 +written = sub.write('12345', 'binary'); +assert.equal(written, 4); +assert.equal(buf[4], 0); From 3e853e627edc8f3766cca012b0b0c9bfc0efbd98 Mon Sep 17 00:00:00 2001 From: koichik Date: Fri, 2 Sep 2011 18:37:15 +0900 Subject: [PATCH 3/4] buffer: write() should always set _charsWritten. Refs #1633. --- src/node_buffer.cc | 11 +++++++++++ test/simple/test-buffer.js | 13 +++++++++++++ 2 files changed, 24 insertions(+) diff --git a/src/node_buffer.cc b/src/node_buffer.cc index 961edfcae97..40b76e37a1b 100644 --- a/src/node_buffer.cc +++ b/src/node_buffer.cc @@ -555,6 +555,10 @@ Handle Buffer::AsciiWrite(const Arguments &args) { 0, max_length, String::HINT_MANY_WRITES_EXPECTED); + + constructor_template->GetFunction()->Set(chars_written_sym, + Integer::New(written)); + return scope.Close(Integer::New(written)); } @@ -642,6 +646,9 @@ Handle Buffer::Base64Write(const Arguments &args) { *dst++ = ((c & 0x03) << 6) | (d & 0x3F); } + constructor_template->GetFunction()->Set(chars_written_sym, + Integer::New(s.length())); + return scope.Close(Integer::New(dst - start)); } @@ -672,6 +679,10 @@ Handle Buffer::BinaryWrite(const Arguments &args) { max_length = MIN(s->Length(), MIN(buffer->length_ - offset, max_length)); int written = DecodeWrite(p, max_length, s, BINARY); + + constructor_template->GetFunction()->Set(chars_written_sym, + Integer::New(written)); + return scope.Close(Integer::New(written)); } diff --git a/test/simple/test-buffer.js b/test/simple/test-buffer.js index c24dbc6433e..3c86e9d8bf2 100644 --- a/test/simple/test-buffer.js +++ b/test/simple/test-buffer.js @@ -559,3 +559,16 @@ var sub = buf.slice(0, 4); // length: 4 written = sub.write('12345', 'binary'); assert.equal(written, 4); assert.equal(buf[4], 0); + +// test for _charsWritten +buf = new Buffer(9); +buf.write('あいうえ', 'utf8'); // 3bytes * 4 +assert.equal(Buffer._charsWritten, 3); +buf.write('あいうえお', 'ucs2'); // 2bytes * 5 +assert.equal(Buffer._charsWritten, 4); +buf.write('0123456789', 'ascii'); +assert.equal(Buffer._charsWritten, 9); +buf.write('0123456789', 'binary'); +assert.equal(Buffer._charsWritten, 9); +buf.write('123456', 'base64'); +assert.equal(Buffer._charsWritten, 6); From fdbfc9ceb7383ab3481b75b3071af67c348875b2 Mon Sep 17 00:00:00 2001 From: koichik Date: Sat, 3 Sep 2011 15:28:36 +0900 Subject: [PATCH 4/4] net: Socket write encoding case sensitivity Fixes #1586. --- lib/net.js | 12 ++---- test/simple/test-net-large-string.js | 55 ++++++++++++++++++++++++++++ 2 files changed, 58 insertions(+), 9 deletions(-) create mode 100644 test/simple/test-net-large-string.js diff --git a/lib/net.js b/lib/net.js index 7b9d0de553e..be2bc58e330 100644 --- a/lib/net.js +++ b/lib/net.js @@ -409,16 +409,10 @@ Socket.prototype._writeOut = function(data, encoding, fd, cb) { allocNewPool(); } - if (!encoding || encoding == 'utf8' || encoding == 'utf-8') { - // default to utf8 - bytesWritten = pool.write(data, 'utf8', pool.used); - charsWritten = Buffer._charsWritten; - } else { - bytesWritten = pool.write(data, encoding, pool.used); - charsWritten = bytesWritten; - } + bytesWritten = pool.write(data, encoding, pool.used); + charsWritten = Buffer._charsWritten; - if (encoding && data.length > 0) { + if (data.length > 0) { assert(bytesWritten > 0); } diff --git a/test/simple/test-net-large-string.js b/test/simple/test-net-large-string.js new file mode 100644 index 00000000000..877dc7c780e --- /dev/null +++ b/test/simple/test-net-large-string.js @@ -0,0 +1,55 @@ +// Copyright Joyent, Inc. and other Node contributors. +// +// Permission is hereby granted, free of charge, to any person obtaining a +// copy of this software and associated documentation files (the +// "Software"), to deal in the Software without restriction, including +// without limitation the rights to use, copy, modify, merge, publish, +// distribute, sublicense, and/or sell copies of the Software, and to permit +// persons to whom the Software is furnished to do so, subject to the +// following conditions: +// +// The above copyright notice and this permission notice shall be included +// in all copies or substantial portions of the Software. +// +// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS +// OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN +// NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, +// DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR +// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE +// USE OR OTHER DEALINGS IN THE SOFTWARE. + +var common = require('../common'); +var assert = require('assert'); +var net = require('net'); + +var kPoolSize = 40 * 1024; +var data = ''; +for (var i = 0; i < kPoolSize; ++i) { + data += 'あ'; // 3bytes +} +var receivedSize = 0; +var encoding = 'UTF-8'; + +var server = net.createServer(function(socket) { + socket.setEncoding(encoding); + socket.on('data', function(data) { + receivedSize += data.length; + }); + socket.on('end', function() { + socket.end(); + }); +}); + +server.listen(common.PORT, function() { + var client = net.createConnection(common.PORT); + client.on('end', function() { + server.close(); + }); + client.write(data, encoding); + client.end(); +}); + +process.on('exit', function() { + assert.equal(receivedSize, kPoolSize); +});