Skip to content
This repository has been archived by the owner on Apr 22, 2023. It is now read-only.
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: nodejs/node-v0.x-archive
base: f7ebb4d8b6d1
Choose a base ref
...
head repository: nodejs/node-v0.x-archive
compare: ef33c3c78784
Choose a head ref
  • 1 commit
  • 1 file changed
  • 1 contributor

Commits on Mar 23, 2013

  1. Remove harmful + unnecessary bounds checking in tls 

    The EncIn, EncOut, ClearIn & ClearOut functions are victims of some code
copy + pasting. A common line copied to all of them is:

`if (off >= buffer_length) { ...`

448e0f4 corrected ClearIn's check from `>=` to `>`, but left the others
unchanged (with an incorrect bounds check). However, if you look down at
the next very next bounds check you'll see:

`if (off + len > buffer_length) { ...`

So the check is actually obviated by the next line, and should be
removed.

This fixes an issue where writing a zero-length buffer to an encrypted
pair's *encrypted* stream you would get a crash.
    @laverdet @indutny
    laverdet authored and indutny committed Mar 23, 2013
    Copy the full SHA
    ef33c3c View commit details
    Browse the repository at this point in the history