From fecb399793c634fcf3e4cdc919ecf89cfdfb1fca Mon Sep 17 00:00:00 2001 From: DullReferenceException Date: Wed, 30 Apr 2014 19:48:57 -0700 Subject: [PATCH] Invalid BufferType validation I encountered a library using `strtok2` that is unfortunately constructing a `BufferType`, passing in `NaN` for the length. Unfortunately, this is causing the parser to get into a state from whence there is no return. By throwing an exception, this should notify those that are calling `BufferType` incorrectly that an error has occurred so that at the very least, an uncaught exception will occur. --- .gitignore | 1 + lib/strtok.js | 2 ++ package.json | 2 +- test/test-buf.js | 3 +++ 4 files changed, 7 insertions(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index daa30a3..cec3e54 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ README.html +/.idea diff --git a/lib/strtok.js b/lib/strtok.js index 4884b6f..861febe 100644 --- a/lib/strtok.js +++ b/lib/strtok.js @@ -231,6 +231,8 @@ exports.INT32_BE = INT32_BE; // the 'len' and other properties directly. var BufferType = function(l) { + assert.ok(l && l > 0); + var self = this; self.len = l; diff --git a/package.json b/package.json index 3788b34..9c27d81 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name" : "strtok", - "version" : "0.1.0", + "version" : "0.1.1", "description" : "A streaming tokenizer", "author" : "Peter Griess ", "engines" : { diff --git a/test/test-buf.js b/test/test-buf.js index 5a53ff8..797799f 100644 --- a/test/test-buf.js +++ b/test/test-buf.js @@ -19,3 +19,6 @@ util.runParseTests('\x05peter', [ return strtok.DONE; } ]); + +assert.throws(function() { new strtok.BufferType(NaN); }, Error); +assert.throws(function() { new strtok.BufferType(-1); }, Error);