string_decoder: throw an error when writing a too long buffer

PR-URL: #52215
Fixes: #52214
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: theanarkh <theratliter@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>

Author: kylo5aby

src/string_decoder.cc

@@ -31,11 +31,11 @@ MaybeLocal<String> MakeString(Isolate* isolate,
   Local<Value> error;
   MaybeLocal<Value> ret;
   if (encoding == UTF8) {
-    MaybeLocal<String> utf8_string = String::NewFromUtf8(
-        isolate,
-        data,
-        v8::NewStringType::kNormal,
-        length);
+    MaybeLocal<String> utf8_string;
+    if (length <= static_cast<size_t>(v8::String::kMaxLength)) {
+      utf8_string = String::NewFromUtf8(
+          isolate, data, v8::NewStringType::kNormal, length);
+    }
     if (utf8_string.IsEmpty()) {
       isolate->ThrowException(node::ERR_STRING_TOO_LONG(isolate));
       return MaybeLocal<String>();

test/pummel/test-string-decoder-large-buffer.js

@@ -0,0 +1,29 @@
+'use strict';
+const common = require('../common');
+
+// Buffer with size > INT32_MAX
+common.skipIf32Bits();
+
+const assert = require('assert');
+const { StringDecoder } = require('node:string_decoder');
+const kStringMaxLength = require('buffer').constants.MAX_STRING_LENGTH;
+
+const size = 2 ** 31;
+
+const stringTooLongError = {
+  message: `Cannot create a string longer than 0x${kStringMaxLength.toString(16)}` +
+    ' characters',
+  code: 'ERR_STRING_TOO_LONG',
+  name: 'Error',
+};
+
+try {
+  const buf = Buffer.allocUnsafe(size);
+  const decoder = new StringDecoder('utf8');
+  assert.throws(() => decoder.write(buf), stringTooLongError);
+} catch (e) {
+  if (e.code !== 'ERR_MEMORY_ALLOCATION_FAILED') {
+    throw e;
+  }
+  common.skip('insufficient space for Buffer.alloc');
+}