buffer: throw if string is not a valid HEX string #3773
Conversation
thefourtheye
added
buffer
| if (StringBytes::IsValidString(env->isolate(), str, encoding) == false) { | ||
| if (encoding == HEX) | ||
| return env->ThrowTypeError("Invalid hex string"); | ||
| } |
There was a problem hiding this comment.
Seems rather wasteful to call IsValidString() and only act on the result when encoding == HEX.
EDIT: What I mean is that IsValidString() may be cheap now but that can change when more checks are added.
There was a problem hiding this comment.
I was about to send a follow-up or for base 64 strings
There was a problem hiding this comment.
No need to compare a known boolean value to false. if (!… would do.
|
The problem I see with this approach is that it allocates memory for and writes out the string twice in the common case. |
|
Would it be better to do it in js itself? |
|
Couldn't we just optimistically write the hex value and do the final check of Now we'd also have to check for utf-8 characters. I'd recommend doing something like the following: size_t string_length;
if (string->IsOneByte())
string_length = string->Length();
else
string_length = string->Utf8Length();Now |
|
|
||
| bool StringBytes::IsValidString(Isolate* isolate, | ||
| Local<String> string, | ||
| enum encoding enc) { | ||
| if (enc == HEX && string->Length() % 2 != 0) | ||
| if (enc == HEX && IsValidHexString(isolate, string) == false) |
There was a problem hiding this comment.
!IsValidHexString(isolate, string)
ChALkeR
added
the
semver-major
|
+1 on this change, there is no sense in both throwing on invalid length and ignoring (actually stopping at) invalid content. Also, it seems like that behavior was never documented. Could you add a note to the documentation that this method throws on invalid input (after making sure that it does that for other encodings, too)? A minor notice regarding the commit message: «hex» is not an abbrevation, it's a short word for «hexademical». Also, this is probably a |
As it is, if an invalid HEX string is passed to `Buffer` constructor, it will only use the valid HEX values and ignore the rest. But, it also throws an error when the length of the string is odd in length. This patch throws an error if the string is not a valid HEX string. Fixes: nodejs#3770
thefourtheye
force-pushed
the
buffer-hex-string-fix
branch
from
97fc4c3
to
0d5f47a
Compare
|
What's the status on this one? |
estliberitas
force-pushed
the
master
branch
2 times, most recently
from
7da4fd4
to
c7066fb
Compare
|
@thefourtheye ... are you still interested in doing this? |
rvagg
force-pushed
the
master
branch
2 times, most recently
from
c133999
to
83c7a88
Compare
|
ping @thefourtheye |
|
Closing due to lack of forward progress on this. Can reopen and revisit if necessary |
As it is, if an invalid HEX string is passed to
Bufferconstructor,it will only use the valid HEX values and ignore the rest. But, it also
throws an error when the length of the string is odd in length. This
patch throws an error if the string is not a valid HEX string.
Fixes: #3770
cc @vkurchatkin @trevnorris @bnoordhuis