From 7c9ec58db59d4b9d857d644cf5ed3a0b6a52cc1f Mon Sep 17 00:00:00 2001 From: Paul Morelle Date: Sun, 17 Dec 2017 22:35:10 +0100 Subject: [PATCH] Sanitize some parameters before HasInstance calls Some parameters were passed to HasInstance without being checked first. If they were null, this would crash the entire nodejs engine. Throw a proper exception instead. --- src/CanvasRenderingContext2d.cc | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/src/CanvasRenderingContext2d.cc b/src/CanvasRenderingContext2d.cc index d7c496632..01f15c40c 100644 --- a/src/CanvasRenderingContext2d.cc +++ b/src/CanvasRenderingContext2d.cc @@ -503,6 +503,8 @@ NAN_METHOD(Context2d::New) { return Nan::ThrowTypeError("Class constructors cannot be invoked without 'new'"); } + if (!info[0]->IsObject()) + return Nan::ThrowTypeError("Canvas expected"); Local obj = info[0]->ToObject(); if (!Nan::New(Canvas::constructor)->HasInstance(obj)) return Nan::ThrowTypeError("Canvas expected"); @@ -947,6 +949,10 @@ NAN_METHOD(Context2d::GetImageData) { NAN_METHOD(Context2d::DrawImage) { if (info.Length() < 3) return Nan::ThrowTypeError("invalid arguments"); + if (!info[0]->IsObject() + || !info[1]->IsNumber() + || !info[2]->IsNumber()) + return Nan::ThrowTypeError("Expected object, number and number"); float sx = 0 , sy = 0 @@ -1555,6 +1561,8 @@ NAN_METHOD(Context2d::IsPointInPath) { */ NAN_METHOD(Context2d::SetFillPattern) { + if (!info[0]->IsObject()) + return Nan::ThrowTypeError("Gradient or Pattern expected"); Local obj = info[0]->ToObject(); if (Nan::New(Gradient::constructor)->HasInstance(obj)){ Context2d *context = Nan::ObjectWrap::Unwrap(info.This()); @@ -1574,6 +1582,8 @@ NAN_METHOD(Context2d::SetFillPattern) { */ NAN_METHOD(Context2d::SetStrokePattern) { + if (!info[0]->IsObject()) + return Nan::ThrowTypeError("Gradient or Pattern expected"); Local obj = info[0]->ToObject(); if (Nan::New(Gradient::constructor)->HasInstance(obj)){ Context2d *context = Nan::ObjectWrap::Unwrap(info.This());