From 4678e44bb28c00dc22771a0ef2684a4d46715ab0 Mon Sep 17 00:00:00 2001 From: Anna Henningsen Date: Fri, 29 May 2020 23:39:39 +0200 Subject: [PATCH] src: perform bounds checking on error source line Fixes: https://github.com/nodejs/node/issues/33578 PR-URL: https://github.com/nodejs/node/pull/33645 Reviewed-By: Rich Trott --- src/node_errors.cc | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/src/node_errors.cc b/src/node_errors.cc index 4f8b003d8da225..3f0bb68a2974c7 100644 --- a/src/node_errors.cc +++ b/src/node_errors.cc @@ -55,6 +55,7 @@ static std::string GetErrorSource(Isolate* isolate, MaybeLocal source_line_maybe = message->GetSourceLine(context); node::Utf8Value encoded_source(isolate, source_line_maybe.ToLocalChecked()); std::string sourceline(*encoded_source, encoded_source.length()); + *added_exception_line = false; // If source maps have been enabled, the exception line will instead be // added in the JavaScript context: @@ -62,12 +63,10 @@ static std::string GetErrorSource(Isolate* isolate, const bool has_source_map_url = !message->GetScriptOrigin().SourceMapUrl().IsEmpty(); if (has_source_map_url && env->source_maps_enabled()) { - *added_exception_line = false; return sourceline; } if (sourceline.find("node-do-not-add-exception-line") != std::string::npos) { - *added_exception_line = false; return sourceline; } @@ -114,6 +113,13 @@ static std::string GetErrorSource(Isolate* isolate, linenum, sourceline.c_str()); CHECK_GT(buf.size(), 0); + *added_exception_line = true; + + if (start > end || + start < 0 || + static_cast(end) > sourceline.size()) { + return buf; + } constexpr int kUnderlineBufsize = 1020; char underline_buf[kUnderlineBufsize + 4]; @@ -136,7 +142,6 @@ static std::string GetErrorSource(Isolate* isolate, CHECK_LE(off, kUnderlineBufsize); underline_buf[off++] = '\n'; - *added_exception_line = true; return buf + std::string(underline_buf, off); }