github/socket.io
1
1
Fork 0
mirror of https://github.com/socketio/socket.io.git synced 2026-04-30 03:00:39 -04:00
Code Issues Packages Projects Releases Wiki Activity
Files
b5d0cb7dc56a0601a09b056beaeeb0e43b160050
socket.io/test/buffer.js
Damien Arrachequesne b5d0cb7dc5 fix: check the format of the index of each attachment 
A specially crafted packet could be incorrectly decoded.

Example:

```js
const decoder = new Decoder();

decoder.on("decoded", (packet) => {
  console.log(packet.data); // prints [ 'hello', [Function: splice] ]
})

decoder.add('51-["hello",{"_placeholder":true,"num":"splice"}]');
decoder.add(Buffer.from("world"));
```

As usual, please remember not to trust user input.
2022-06-27 15:39:24 +02:00

77 lines
2.0 KiB
JavaScript
Raw Blame History

const { PacketType, Decoder } = require("../");
const helpers = require("./helpers.js");
const expect = require("expect.js");
describe("parser", () => {
it("encodes a Buffer", (done) => {
helpers.test_bin(
{
type: PacketType.EVENT,
data: ["a", Buffer.from("abc", "utf8")],
id: 23,
nsp: "/cool",
},
done
);
});
it("encodes a nested Buffer", (done) => {
helpers.test_bin(
{
type: PacketType.EVENT,
data: ["a", { b: ["c", Buffer.from("abc", "utf8")] }],
id: 23,
nsp: "/cool",
},
done
);
});
it("encodes a binary ack with Buffer", (done) => {
helpers.test_bin(
{
type: PacketType.ACK,
data: ["a", Buffer.from("xxx", "utf8"), {}],
id: 127,
nsp: "/back",
},
done
);
});
it("throws an error when adding an attachment with an invalid 'num' attribute (string)", () => {
const decoder = new Decoder();
expect(() => {
decoder.add('51-["hello",{"_placeholder":true,"num":"splice"}]');
decoder.add(Buffer.from("world"));
}).to.throwException(/^illegal attachments$/);
});
it("throws an error when adding an attachment with an invalid 'num' attribute (out-of-bound)", () => {
const decoder = new Decoder();
expect(() => {
decoder.add('51-["hello",{"_placeholder":true,"num":1}]');
decoder.add(Buffer.from("world"));
}).to.throwException(/^illegal attachments$/);
});
it("throws an error when adding an attachment without header", () => {
const decoder = new Decoder();
expect(() => {
decoder.add(Buffer.from("world"));
}).to.throwException(/^got binary data when not reconstructing a packet$/);
});
it("throws an error when decoding a binary event without attachments", () => {
const decoder = new Decoder();
expect(() => {
decoder.add('51-["hello",{"_placeholder":true,"num":0}]');
decoder.add('2["hello"]');
}).to.throwException(/^got plaintext data when reconstructing a packet$/);
});
});
Reference in New Issue View Git Blame Copy Permalink