Fixes crash when using a non-standard error code (#2184)

* Fixes crash when using a non-standard error code

Updates how we validate reply status code.
Now allowing only numbers in range between 100 and 600

* adds provided status code in FST_ERR_BAD_STATUS_CODE error

lib/errors.js

@@ -48,7 +48,7 @@ createError('FST_ERR_REP_ALREADY_SENT', 'Reply was already sent.')
 createError('FST_ERR_REP_SENT_VALUE', 'The only possible value for reply.sent is true.')
 createError('FST_ERR_SEND_INSIDE_ONERR', 'You cannot use `send` inside the `onError` hook')
 createError('FST_ERR_SEND_UNDEFINED_ERR', 'Undefined error has occured')
-createError('FST_ERR_BAD_STATUS_CODE', 'Called reply with malformed status code')
+createError('FST_ERR_BAD_STATUS_CODE', 'Called reply with an invalid status code: %s')
 
 /**
  * schemas

lib/reply.js

@@ -198,11 +198,12 @@ Reply.prototype.headers = function (headers) {
 }
 
 Reply.prototype.code = function (code) {
-  if (statusCodes[code] === undefined) {
-    throw new FST_ERR_BAD_STATUS_CODE()
+  const intValue = parseInt(code)
+  if (isNaN(intValue) || intValue < 100 || intValue > 600) {
+    throw new FST_ERR_BAD_STATUS_CODE(String(code))
   }
 
-  this.res.statusCode = code
+  this.res.statusCode = intValue
   this[kReplyHasStatusCode] = true
   return this
 }

test/reply-error.test.js

@@ -415,7 +415,7 @@ invalidErrorCodes.forEach((invalidCode) => {
       } catch (err) {
         t.is(err.name, 'FastifyError [FST_ERR_BAD_STATUS_CODE]')
         t.is(err.code, 'FST_ERR_BAD_STATUS_CODE')
-        t.is(err.message, 'FST_ERR_BAD_STATUS_CODE: Called reply with malformed status code')
+        t.is(err.message, `FST_ERR_BAD_STATUS_CODE: Called reply with an invalid status code: ${String(invalidCode)}`)
       }
     })
     fastify.inject({