buffer: convert offset & length to int properly

Checklist
  • make -j8 test (UNIX), or vcbuild test nosign (Windows) passes
  • tests and/or benchmarks are included
  • commit message follows commit guidelines
Affected core subsystem(s)

buffer

Description of change

As per ECMA-262 2015's #sec-%typedarray%-buffer-byteoffset-length, offset would be an integer, not a 32-bit unsigned integer. Also, length would be an integer with the maximum value of 2^53 - 1, not a 32-bit unsigned integer.

This would be a problem because, if we create a buffer from an ArrayBuffer, from an offset which is greater than 2^32, it would actually be pointing to a different location in the ArrayBuffer. For example, if we use 2^40 as offset, then the actual value used will be 0, because byteOffset >>>= 0 will convert byteOffset to a 32-bit unsigned int, which is based on modulo 2^32.


cc @nodejs/buffer
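
The wraparound described above, shown next to a range-checked conversion, as an added example that is not part of the original pull request or the Node.js source. The function names are hypothetical, and the check is a sketch of ToInteger-style validation that rejects out-of-range values instead of wrapping them.

```javascript
'use strict';
// Added illustration; function names are hypothetical, not Node.js internals.

// Legacy coercion described in the PR: ToUint32, i.e. the value modulo 2^32.
function legacyOffset(byteOffset) {
  return byteOffset >>> 0;
}

// ToInteger-style coercion: NaN becomes 0, everything else truncates toward zero.
function toInteger(value) {
  const n = Number(value);
  if (Number.isNaN(n)) return 0;
  return Math.trunc(n);
}

// Validate offset and length against the backing store instead of wrapping.
// Returns the [offset, length] pair a view would use, or throws RangeError.
// Assumption of this sketch: a negative length is rejected rather than clamped.
function checkedView(bufferByteLength, byteOffset, length) {
  const offset = toInteger(byteOffset);
  if (offset < 0 || offset > bufferByteLength) {
    throw new RangeError(`offset ${offset} is outside the buffer`);
  }
  const maxLength = bufferByteLength - offset;
  const len = length === undefined ? maxLength : toInteger(length);
  if (len < 0 || len > maxLength) {
    throw new RangeError(`length ${len} is outside the buffer`);
  }
  return [offset, len];
}

// Constructed inputs: a 16-byte ArrayBuffer and offsets at or past 2^32.
function demo() {
  const ab = new ArrayBuffer(16);
  const results = [];
  for (const requested of [4, 2 ** 32 + 4, 2 ** 40]) {
    let checked;
    try {
      checked = checkedView(ab.byteLength, requested)[0];
    } catch (err) {
      checked = err.name; // out-of-range offsets surface as an error
    }
    results.push({ requested, legacy: legacyOffset(requested), checked });
  }
  return results;
}

console.log(demo());
```

With the legacy coercion, the offsets 2^32 + 4 and 2^40 silently alias bytes 4 and 0 of the buffer; the checked conversion raises a RangeError for both.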
