From d89d55ab365c9bc92e6176d0ab4cacbe6d3dfb2b Mon Sep 17 00:00:00 2001
From: Antoine du Hamel <duhamelantoine1995@gmail.com>
Date: Fri, 19 Mar 2021 10:48:02 +0100
Subject: [PATCH] tty: validate file descriptor to avoid int32 overflow

Fixes: https://github.com/nodejs/node/issues/37805

PR-URL: https://github.com/nodejs/node/pull/37809
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
---
 lib/tty.js                         | 3 ++-
 test/pseudo-tty/test-tty-isatty.js | 1 +
 2 files changed, 3 insertions(+), 1 deletion(-)

diff --git a/lib/tty.js b/lib/tty.js
index 583cc1329830c9..1828077c0adc0c 100644
--- a/lib/tty.js
+++ b/lib/tty.js
@@ -40,7 +40,8 @@ const {
 let readline;
 
 function isatty(fd) {
-  return NumberIsInteger(fd) && fd >= 0 && isTTY(fd);
+  return NumberIsInteger(fd) && fd >= 0 && fd <= 2147483647 &&
+         isTTY(fd);
 }
 
 function ReadStream(fd, options) {
diff --git a/test/pseudo-tty/test-tty-isatty.js b/test/pseudo-tty/test-tty-isatty.js
index 3a7b2940311221..ad81a4c6eff92b 100644
--- a/test/pseudo-tty/test-tty-isatty.js
+++ b/test/pseudo-tty/test-tty-isatty.js
@@ -10,6 +10,7 @@ strictEqual(isatty(2), true, 'stderr reported to not be a tty, but it is');
 
 strictEqual(isatty(-1), false, '-1 reported to be a tty, but it is not');
 strictEqual(isatty(55555), false, '55555 reported to be a tty, but it is not');
+strictEqual(isatty(2 ** 31), false, '2^31 reported to be a tty, but it is not');
 strictEqual(isatty(1.1), false, '1.1 reported to be a tty, but it is not');
 strictEqual(isatty('1'), false, '\'1\' reported to be a tty, but it is not');
 strictEqual(isatty({}), false, '{} reported to be a tty, but it is not');