src: perform bounds checking on error source line

Fixes: nodejs#33578
addaleax · May 29, 2020 · 7d7a9b4 · 7d7a9b4
1 parent 9949a2e
commit 7d7a9b4
Showing 1 changed file with 7 additions and 2 deletions.
diff --git a/src/node_errors.cc b/src/node_errors.cc
@@ -56,19 +56,18 @@ static std::string GetErrorSource(Isolate* isolate,
   MaybeLocal<String> source_line_maybe = message->GetSourceLine(context);
   node::Utf8Value encoded_source(isolate, source_line_maybe.ToLocalChecked());
   std::string sourceline(*encoded_source, encoded_source.length());
+  *added_exception_line = false;
 
   // If source maps have been enabled, the exception line will instead be
   // added in the JavaScript context:
   Environment* env = Environment::GetCurrent(isolate);
   const bool has_source_map_url =
       !message->GetScriptOrigin().SourceMapUrl().IsEmpty();
   if (has_source_map_url && env->source_maps_enabled()) {
-    *added_exception_line = false;
     return sourceline;
   }
 
   if (sourceline.find("node-do-not-add-exception-line") != std::string::npos) {
-    *added_exception_line = false;
     return sourceline;
   }
 
@@ -116,6 +115,12 @@ static std::string GetErrorSource(Isolate* isolate,
                             sourceline.c_str());
   CHECK_GT(buf.size(), 0);
 
+  if (start >= end ||
+      start < 0 ||
+      static_cast<size_t>(end) > sourceline.size()) {
+    return buf;
+  }
+
   constexpr int kUnderlineBufsize = 1020;
   char underline_buf[kUnderlineBufsize + 4];
   int off = 0;