Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Inaccurate boundary validation in Buffer.prototype.writeUIntBE/LE(value,offset,byteLength) #3497

Closed
kotarondo opened this issue Oct 23, 2015 · 2 comments
Closed

Inaccurate boundary validation in Buffer.prototype.writeUIntBE/LE(value,offset,byteLength) #3497

kotarondo opened this issue Oct 23, 2015 · 2 comments
Labels
buffer Issues and PRs related to the buffer subsystem.

Comments

@kotarondo
Copy link

The expression
new Buffer(1).writeUIntBE(0x100,0,1)
should throw an out-of-bounds error, but it does not.

In the source code, value validation is coded as follows:
checkInt(this, value, offset, byteLength, Math.pow(2, 8 * byteLength), 0);

Here, max value should be Math.pow(2, 8 * byteLength) - 1 ?
@Fishrock123 Fishrock123 added the buffer Issues and PRs related to the buffer subsystem. label Oct 23, 2015
@Fishrock123
Copy link
Contributor

cc @trevnorris

@trevnorris
Copy link
Contributor

yup. you're correct.

@trevnorris trevnorris mentioned this issue Oct 23, 2015
Closed
trevnorris added a commit to trevnorris/node that referenced this issue Oct 26, 2015
@trevnorris
buffer: fix value check for writeUInt{B,L}E
559e66b 
Fixes: nodejs#3497
trevnorris added a commit that referenced this issue Oct 26, 2015
@trevnorris @rvagg
buffer: fix value check for writeUInt{B,L}E
6a04cc0 
Fixes: #3497
PR-URL: #3500
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
trevnorris added a commit that referenced this issue Oct 28, 2015
@trevnorris @jasnell
buffer: fix value check for writeUInt{B,L}E
bc2120c 
Fixes: #3497
PR-URL: #3500
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
trevnorris added a commit that referenced this issue Oct 29, 2015
@trevnorris @jasnell
buffer: fix value check for writeUInt{B,L}E
1d0f2cb 
Fixes: #3497
PR-URL: #3500
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
@aliscco aliscco mentioned this issue Feb 11, 2024
Open
@aliscco aliscco mentioned this issue Mar 23, 2024
Open
@aliscco aliscco mentioned this issue May 14, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
buffer Issues and PRs related to the buffer subsystem.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@trevnorris @Fishrock123 @kotarondo