From 789fef1309db62694f04c4afdc0dde563e1c5e83 Mon Sep 17 00:00:00 2001
From: Ray Wang <ray@isrc.iscas.ac.cn>
Date: Sun, 26 Sep 2021 17:22:25 +0800
Subject: [PATCH] src: throw error instead of assertion
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

PR-URL: https://github.com/nodejs/node/pull/40243
Fixes: https://github.com/nodejs/node/issues/40059
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
---
 src/node_buffer.cc | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/node_buffer.cc b/src/node_buffer.cc
index 0546e7a53fae90..48df1323ca7215 100644
--- a/src/node_buffer.cc
+++ b/src/node_buffer.cc
@@ -494,7 +494,12 @@ MaybeLocal<Object> New(Environment* env,
                        size_t length) {
   if (length > 0) {
     CHECK_NOT_NULL(data);
-    CHECK(length <= kMaxLength);
+    // V8 currently only allows a maximum Typed Array index of max Smi.
+    if (length > kMaxLength) {
+      Isolate* isolate(env->isolate());
+      isolate->ThrowException(ERR_BUFFER_TOO_LARGE(isolate));
+      return Local<Object>();
+    }
   }
 
   auto free_callback = [](char* data, void* hint) { free(data); };