buffer: throw on negative .allocUnsafe() argument

[addaleax]

Checklist

• tests and code linting passes
• a test and/or benchmark is included
• the commit message follows commit guidelines

Affected core subsystem(s)

buffer

Description of change

Add a check for size < 0 to assertSize(), as passing a negative value almost certainly indicates a programming error.

This also lines up the behaviour of .allocUnsafe() with the ones of .alloc() and .allocUnsafeSlow() (which previously threw errors from the Uint8Array constructor).

CI: https://ci.nodejs.org/job/node-test-commit/3599/

[yorkie]

How about this abstraction:

function assertSize(size) {
  let err = null;
  if (typeof size !== 'number') err = new TypeError('"size" argument must be a number');
  if (size < 0) err = new RangeError('"size" argument must not be negative');
  if (err) {
    // The following hides the 'assertSize' method from the
    // callstack. This is done simply to hide the internal
    // details of the implementation from bleeding out to users.
    Error.captureStackTrace(err, assertSize);
    throw err;
  }
}

This could improve the comments for Error.captureStackTrace(err, assertSize);. :-)

[addaleax]

Updated with that, although I’m not it makes a huge difference ;)

[ChALkeR]

Should this have 7.0 milestone?

[trevnorris]

Only suggestion I may have is that Buffer.alloc*() calls were being placed in test/parallel/test-buffer-alloc.js after the new API was introduced. Other than that, LGTM.

[jasnell]

Aside: we really ought to refactor the test-buffer.js and test-buffer-alloc.js to make those more sane... likely should split them into multiple individual tests.

[RReverser]

Perhaps else if here so that it wouldn't attempt to call .valueOf etc. on objects?

[trevnorris]

In this case might as well add the test

assert.throws(() => Buffer.alloc({ valueOf: () => -1 }), /"size" argument must be a number/);

or swapping them would achieve the same logical effect.

[addaleax]

Updated with everyone’s comments, new CI: https://ci.nodejs.org/job/node-test-commit/3693/

[ChALkeR]

LGTM

[cjihrig]

LGTM

[addaleax]

Rebased, new CI: https://ci.nodejs.org/job/node-test-commit/4408/

I’ll land this some time in the next couple of days.

[jasnell]

LGTM

[ChALkeR]

Just to clarify: this now also throws on negative Buffer(number), because that does Buffer.allocUnsafe(number). That should be also noted in the changelog, I suppose.

[jasnell]

Good catch. +1

[ChALkeR]

Hm. @jasnell, per #7964 do we want to hard-deprecate this first or not?

[jasnell]

Excellent question! To be honest I don't know. What do you think?
@nodejs/ctc...
Thoughts?

On Thursday, August 4, 2016, Сковорода Никита Андреевич <
[email protected]> wrote:

Hm. @jasnell https://github.com/jasnell, per #7964
#7964 do we want to hard-deprecate
this first or not?

—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub
#7079 (comment), or mute
the thread
https://github.com/notifications/unsubscribe-auth/AAa2ecrWOnS-dbSA8zliVwTg7G-z3e8zks5qcstzgaJpZM4Iqyya
.

[mscdex]

I think I'd be more in favor of just landing in v7.

[ChALkeR]

I'm ok with both and this still LGTM =).

[jasnell]

Works for me also.

[yorkie]

LGTM

[addaleax]

I’ve gone ahead and landed this in 8f90dcc since there seems to be agreement that this can safely go into v7.

[LinusU]

The docs was not updated with this PR, was that intentional or would a PR for docs be welcome?

[jasnell]

@LinusU ... doc changes are always helpful!