From 00e04bc2a93956553844766ecff7eab39beb843f Mon Sep 17 00:00:00 2001 From: Santiago Gimeno Date: Tue, 31 Mar 2020 20:56:01 +0200 Subject: [PATCH 1/2] net: fix crash if POLLHUP is received If the `onread` socket option is used and a `POLLHUP` event is received, libuv returns `UV_EOF` along with a `NULL` buffer in the read callback, causing the crash. Deal with this case. Fixes: https://github.com/nodejs/node/issues/31823 --- src/stream_base.cc | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/src/stream_base.cc b/src/stream_base.cc index 63b06378f7c127..0d311f00e42186 100644 --- a/src/stream_base.cc +++ b/src/stream_base.cc @@ -517,13 +517,21 @@ uv_buf_t CustomBufferJSListener::OnStreamAlloc(size_t suggested_size) { void CustomBufferJSListener::OnStreamRead(ssize_t nread, const uv_buf_t& buf) { CHECK_NOT_NULL(stream_); - CHECK_EQ(buf.base, buffer_.base); StreamBase* stream = static_cast(stream_); Environment* env = stream->stream_env(); HandleScope handle_scope(env->isolate()); Context::Scope context_scope(env->context()); + // To deal with the case where POLLHUP is received and UV_EOF is returned, as + // libuv returns an empty buffer. (On unices only) + if (nread == UV_EOF && buf.base == nullptr) { + stream->CallJSOnreadMethod(nread, Local()); + return; + } + + CHECK_EQ(buf.base, buffer_.base); + MaybeLocal ret = stream->CallJSOnreadMethod(nread, Local(), 0, From fed0629db05cc3478b817c693ba2a7c6421417b0 Mon Sep 17 00:00:00 2001 From: Anna Henningsen Date: Sun, 5 Apr 2020 21:08:11 +0200 Subject: [PATCH 2/2] fixup! net: fix crash if POLLHUP is received MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-Authored-By: Juan José --- src/stream_base.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/stream_base.cc b/src/stream_base.cc index 0d311f00e42186..d8a191dc2e5f6d 100644 --- a/src/stream_base.cc +++ b/src/stream_base.cc @@ -524,7 +524,7 @@ void CustomBufferJSListener::OnStreamRead(ssize_t nread, const uv_buf_t& buf) { Context::Scope context_scope(env->context()); // To deal with the case where POLLHUP is received and UV_EOF is returned, as - // libuv returns an empty buffer. (On unices only) + // libuv returns an empty buffer (on unices only). if (nread == UV_EOF && buf.base == nullptr) { stream->CallJSOnreadMethod(nread, Local()); return;