1'use strict'; 2 3const common = require('../common'); 4const assert = require('assert'); 5 6[-1, 10].forEach((offset) => { 7 assert.throws( 8 () => Buffer.alloc(9).write('foo', offset), 9 { 10 code: 'ERR_OUT_OF_RANGE', 11 name: 'RangeError', 12 message: 'The value of "offset" is out of range. ' + 13 `It must be >= 0 && <= 9. Received ${offset}` 14 } 15 ); 16}); 17 18const resultMap = new Map([ 19 ['utf8', Buffer.from([102, 111, 111, 0, 0, 0, 0, 0, 0])], 20 ['ucs2', Buffer.from([102, 0, 111, 0, 111, 0, 0, 0, 0])], 21 ['ascii', Buffer.from([102, 111, 111, 0, 0, 0, 0, 0, 0])], 22 ['latin1', Buffer.from([102, 111, 111, 0, 0, 0, 0, 0, 0])], 23 ['binary', Buffer.from([102, 111, 111, 0, 0, 0, 0, 0, 0])], 24 ['utf16le', Buffer.from([102, 0, 111, 0, 111, 0, 0, 0, 0])], 25 ['base64', Buffer.from([102, 111, 111, 0, 0, 0, 0, 0, 0])], 26 ['hex', Buffer.from([102, 111, 111, 0, 0, 0, 0, 0, 0])] 27]); 28 29// utf8, ucs2, ascii, latin1, utf16le 30const encodings = ['utf8', 'utf-8', 'ucs2', 'ucs-2', 'ascii', 'latin1', 31 'binary', 'utf16le', 'utf-16le']; 32 33encodings 34 .reduce((es, e) => es.concat(e, e.toUpperCase()), []) 35 .forEach((encoding) => { 36 const buf = Buffer.alloc(9); 37 const len = Buffer.byteLength('foo', encoding); 38 assert.strictEqual(buf.write('foo', 0, len, encoding), len); 39 40 if (encoding.includes('-')) 41 encoding = encoding.replace('-', ''); 42 43 assert.deepStrictEqual(buf, resultMap.get(encoding.toLowerCase())); 44 }); 45 46// base64 47['base64', 'BASE64'].forEach((encoding) => { 48 const buf = Buffer.alloc(9); 49 const len = Buffer.byteLength('Zm9v', encoding); 50 51 assert.strictEqual(buf.write('Zm9v', 0, len, encoding), len); 52 assert.deepStrictEqual(buf, resultMap.get(encoding.toLowerCase())); 53}); 54 55// hex 56['hex', 'HEX'].forEach((encoding) => { 57 const buf = Buffer.alloc(9); 58 const len = Buffer.byteLength('666f6f', encoding); 59 60 assert.strictEqual(buf.write('666f6f', 0, len, encoding), len); 61 assert.deepStrictEqual(buf, resultMap.get(encoding.toLowerCase())); 62}); 63 64// Invalid encodings 65for (let i = 1; i < 10; i++) { 66 const encoding = String(i).repeat(i); 67 const error = common.expectsError({ 68 code: 'ERR_UNKNOWN_ENCODING', 69 name: 'TypeError', 70 message: `Unknown encoding: ${encoding}` 71 }); 72 73 assert.ok(!Buffer.isEncoding(encoding)); 74 assert.throws(() => Buffer.alloc(9).write('foo', encoding), error); 75} 76 77// UCS-2 overflow CVE-2018-12115 78for (let i = 1; i < 4; i++) { 79 // Allocate two Buffers sequentially off the pool. Run more than once in case 80 // we hit the end of the pool and don't get sequential allocations 81 const x = Buffer.allocUnsafe(4).fill(0); 82 const y = Buffer.allocUnsafe(4).fill(1); 83 // Should not write anything, pos 3 doesn't have enough room for a 16-bit char 84 assert.strictEqual(x.write('ыыыыыы', 3, 'ucs2'), 0); 85 // CVE-2018-12115 experienced via buffer overrun to next block in the pool 86 assert.strictEqual(Buffer.compare(y, Buffer.alloc(4, 1)), 0); 87} 88 89// Should not write any data when there is no space for 16-bit chars 90const z = Buffer.alloc(4, 0); 91assert.strictEqual(z.write('\u0001', 3, 'ucs2'), 0); 92assert.strictEqual(Buffer.compare(z, Buffer.alloc(4, 0)), 0); 93// Make sure longer strings are written up to the buffer end. 94assert.strictEqual(z.write('abcd', 2), 2); 95assert.deepStrictEqual([...z], [0, 0, 0x61, 0x62]); 96 97// Large overrun could corrupt the process 98assert.strictEqual(Buffer.alloc(4) 99 .write('ыыыыыы'.repeat(100), 3, 'utf16le'), 0); 100 101{ 102 // .write() does not affect the byte after the written-to slice of the Buffer. 103 // Refs: https://github.com/nodejs/node/issues/26422 104 const buf = Buffer.alloc(8); 105 assert.strictEqual(buf.write('ыы', 1, 'utf16le'), 4); 106 assert.deepStrictEqual([...buf], [0, 0x4b, 0x04, 0x4b, 0x04, 0, 0, 0]); 107} 108