From 8245a7816c8fb6e6b48f48d2fe36a3f360cf27d7 Mon Sep 17 00:00:00 2001 From: Christian Niederer Date: Tue, 11 Feb 2020 16:27:19 +0100 Subject: [PATCH] src: check for overflow when extending AliasedBufferBase When resizing an aliased_buffer check if the new size will overflow. PR-URL: https://github.com/nodejs/node/pull/31740 Reviewed-By: James M Snell Reviewed-By: Anna Henningsen Reviewed-By: David Carlier Reviewed-By: Colin Ihrig --- src/aliased_buffer.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/aliased_buffer.h b/src/aliased_buffer.h index 281c8fed581645..e762e8ede8ebee 100644 --- a/src/aliased_buffer.h +++ b/src/aliased_buffer.h @@ -221,7 +221,8 @@ class AliasedBufferBase { const v8::HandleScope handle_scope(isolate_); const size_t old_size_in_bytes = sizeof(NativeT) * count_; - const size_t new_size_in_bytes = sizeof(NativeT) * new_capacity; + const size_t new_size_in_bytes = MultiplyWithOverflowCheck(sizeof(NativeT), + new_capacity); // allocate v8 new ArrayBuffer v8::Local ab = v8::ArrayBuffer::New(