node-api: fix immediate napi_remove_wrap test (!45406) · Merge requests · Rodrigo Test / Test Group-nodejs / node

Rodrigo Muino Tomonari requested to merge github/fork/legendecas/node-api/napi-wrap-delete-ref into main Nov 10, 2022

As documented in napi_wrap section, the returned reference must be deleted with napi_delete_reference in response to the finalize callback, in which napi_unwrap and napi_remove_wrap is not available.

When the reference needs to be deleted early, it should be deleted after the wrapped value is not accessed with napi_unwrap and napi_remove_wrap too.

This test is previously added in response to duplicating the test https://github.com/nodejs/node-addon-api/blob/main/test/objectwrap_constructor_exception.cc in the node-addon-api. As Napi::ObjectWrap<> is a subclass of Napi::Reference<>, napi_remove_wrap in the destructor of Napi::ObjectWrap<> is called before napi_delete_reference in the destructor of Napi::Reference<>.

This fix is intended to fix the use-after-free problem in https://github.com/nodejs/node/pull/44141.

Admin message

Admin message

node-api: fix immediate napi_remove_wrap test

Merge request reports