delta/node-new.git/src/node_revert.h, branch try_Python3_on_macOS github.com: nodejs/node.git http2: remove security revert flags 2019-08-18T23:09:28+00:00 Anna Henningsen anna@addaleax.net 2019-08-15T12:33:33+00:00 4e782c9deb03b58923f22e930ba1c5a778fbe4a5 As the comment in `node_revert.h` indicates, the master branch should not provide security revert flags. Refs: https://github.com/nodejs/node/pull/29122 PR-URL: https://github.com/nodejs/node/pull/29141 Reviewed-By: Beth Griggs <Bethany.Griggs@uk.ibm.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Richard Lau <riclau@uk.ibm.com> Reviewed-By: Сковорода Никита Андреевич <chalkerx@gmail.com> Reviewed-By: Gus Caplan <me@gus.host> Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> 
As the comment in `node_revert.h` indicates, the master branch should
not provide security revert flags.

Refs: https://github.com/nodejs/node/pull/29122

PR-URL: https://github.com/nodejs/node/pull/29141
Reviewed-By: Beth Griggs <Bethany.Griggs@uk.ibm.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Сковорода Никита Андреевич <chalkerx@gmail.com>
Reviewed-By: Gus Caplan <me@gus.host>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
http2: allow security revert for Ping/Settings Flood 2019-08-15T07:51:53+00:00 Anna Henningsen anna@addaleax.net 2019-08-12T21:36:00+00:00 ec60b625b66288cb63d63a51b115661a8503e19e nghttp2 has updated its limit for outstanding Ping/Settings ACKs to 1000. This commit allows reverting to the old default of 10000. The associated CVEs are CVE-2019-9512/CVE-2019-9515. PR-URL: https://github.com/nodejs/node/pull/29122 Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> 
nghttp2 has updated its limit for outstanding Ping/Settings ACKs
to 1000. This commit allows reverting to the old default of 10000.

The associated CVEs are CVE-2019-9512/CVE-2019-9515.

PR-URL: https://github.com/nodejs/node/pull/29122
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
http2: consider 0-length non-end DATA frames an error 2019-08-15T07:51:53+00:00 Anna Henningsen anna@addaleax.net 2019-08-10T21:37:58+00:00 695e38be69a780417eef32db744528c3c78d6b0b This is intended to mitigate CVE-2019-9518. PR-URL: https://github.com/nodejs/node/pull/29122 Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> 
This is intended to mitigate CVE-2019-9518.

PR-URL: https://github.com/nodejs/node/pull/29122
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
http2: handle 0-length headers better 2019-08-15T07:51:52+00:00 Anna Henningsen anna@addaleax.net 2019-08-10T21:10:54+00:00 b4cfa521b8b0fbe5ee5815fcac3614cc0960f7d9 Ignore headers with 0-length names and track memory for headers the way we track it for other HTTP/2 session memory too. This is intended to mitigate CVE-2019-9516. PR-URL: https://github.com/nodejs/node/pull/29122 Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> 
Ignore headers with 0-length names and track memory for headers
the way we track it for other HTTP/2 session memory too.

This is intended to mitigate CVE-2019-9516.

PR-URL: https://github.com/nodejs/node/pull/29122
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
http2: limit number of rejected stream openings 2019-08-15T07:50:30+00:00 Anna Henningsen anna@addaleax.net 2019-08-10T20:27:48+00:00 474577cf54c3a5f48dec8ab88bd2d03881e2ac02 Limit the number of streams that are rejected upon creation. Since each such rejection is associated with an `NGHTTP2_ENHANCE_YOUR_CALM` error that should tell the peer to not open any more streams, continuing to open streams should be read as a sign of a misbehaving peer. The limit is currently set to 100 but could be changed or made configurable. This is intended to mitigate CVE-2019-9514. PR-URL: https://github.com/nodejs/node/pull/29122 Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> 
Limit the number of streams that are rejected upon creation. Since
each such rejection is associated with an `NGHTTP2_ENHANCE_YOUR_CALM`
error that should tell the peer to not open any more streams,
continuing to open streams should be read as a sign of a misbehaving
peer. The limit is currently set to 100 but could be changed or made
configurable.

This is intended to mitigate CVE-2019-9514.

PR-URL: https://github.com/nodejs/node/pull/29122
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
src: pass along errors from `--security-reverts` 2019-01-22T21:53:26+00:00 Anna Henningsen anna@addaleax.net 2019-01-12T19:55:58+00:00 38ab1e9ade1e473f1c0b7a1e7535d41654506a3d Pass along errors from `Revert()` when a security revert is unknown (which currently applies to all possible values). Previously, we would unconditionally call `exit()`, which is not nice for embedding use cases, and could crash because we were holding a lock for a mutex in `ProcessGlobalArgs()` that would be destroyed by calling `exit()`. Also, add a regression test that makes sure that the process exits with the right exit code and not a crash. PR-URL: https://github.com/nodejs/node/pull/25466 Reviewed-By: Richard Lau <riclau@uk.ibm.com> Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> 
Pass along errors from `Revert()` when a security revert
is unknown (which currently applies to all possible values).

Previously, we would unconditionally call `exit()`, which is
not nice for embedding use cases, and could crash because we
were holding a lock for a mutex in `ProcessGlobalArgs()` that
would be destroyed by calling `exit()`.

Also, add a regression test that makes sure that the process
exits with the right exit code and not a crash.

PR-URL: https://github.com/nodejs/node/pull/25466
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
src: move per-process global variables into node::per_process 2019-01-07T23:28:16+00:00 Joyee Cheung joyeec9h3@gmail.com 2019-01-01T05:56:53+00:00 9db9e7e541c1ff9a30b7f1b61c6d3a7b6d30fab3 So that it's easier to tell whether we are manipulating per-process global states that may need to be treated with care to avoid races. Also added comments about these variables and moved some of them to a more suitable compilation unit: - Move `v8_initialized` to `util.h` since it's only used in `util.cc` and `node.cc` - Rename `process_mutex` to `tty_mutex` and move it into `node_errors.cc` since that's the only place it's used to guard the tty. - Move `per_process_opts_mutex` and `per_process_opts` into `node_options.h` and rename them to `per_process::cli_options[_mutex]` - Rename `node_isolate[_mutex]` to `per_process::main_isolate[_mutex]` PR-URL: https://github.com/nodejs/node/pull/25302 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Franziska Hinkelmann <franziska.hinkelmann@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> 
So that it's easier to tell whether we are manipulating per-process
global states that may need to be treated with care to avoid races.

Also added comments about these variables and moved some of them
to a more suitable compilation unit:

- Move `v8_initialized` to `util.h` since it's only used in
  `util.cc` and `node.cc`
- Rename `process_mutex` to `tty_mutex` and move it into
  `node_errors.cc` since that's the only place it's used
  to guard the tty.
- Move `per_process_opts_mutex` and `per_process_opts`
  into `node_options.h` and rename them to
  `per_process::cli_options[_mutex]`
- Rename `node_isolate[_mutex]` to `per_process::main_isolate[_mutex]`

PR-URL: https://github.com/nodejs/node/pull/25302
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Franziska Hinkelmann <franziska.hinkelmann@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
meta: merge TSC and CTC back into a single body 2017-08-29T15:39:25+00:00 James M Snell jasnell@gmail.com 2017-08-22T05:44:50+00:00 f3eb193a3019d79a82cec8b561e028e4e37a7b87 PR-URL: https://github.com/nodejs/node/pull/14973 Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Evan Lucas <evanlucas@me.com> Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: Myles Borins <myles.borins@gmail.com> Reviewed-By: Ali Ijaz Sheikh <ofrobots@google.com> Reviewed-By: Shigeki Ohtsu <ohtsu@ohtsu.org> Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com> 
PR-URL: https://github.com/nodejs/node/pull/14973
Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Evan Lucas <evanlucas@me.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Myles Borins <myles.borins@gmail.com>
Reviewed-By: Ali Ijaz Sheikh <ofrobots@google.com>
Reviewed-By: Shigeki Ohtsu <ohtsu@ohtsu.org>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
src: minor cleanup for node_revert 2017-08-18T22:02:12+00:00 James M Snell jasnell@gmail.com 2017-08-16T16:34:37+00:00 35f6e59dfce2f4f525d02d84aabe26bf111de567 Make the revert related functions inline to eliminate the need for node_revert.cc, prefix the constants and the def, other misc cleanup PR-URL: https://github.com/nodejs/node/pull/14864 Reviewed-By: Anna Henningsen <anna@addaleax.net> 
Make the revert related functions inline to eliminate the need
for node_revert.cc, prefix the constants and the def, other misc
cleanup

PR-URL: https://github.com/nodejs/node/pull/14864
Reviewed-By: Anna Henningsen <anna@addaleax.net>
src: add include guards to internal headers 2016-05-25T07:54:24+00:00 Ben Noordhuis info@bnoordhuis.nl 2016-05-24T07:54:05+00:00 eff96d32dc3dce00f6dc60461d43328965cb214f For consistency with the newly added src/base64.h header, check that NODE_WANT_INTERNALS is defined and set in internal headers. PR-URL: https://github.com/nodejs/node/pull/6948 Refs: https://github.com/nodejs/node/pull/6910 Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Trevor Norris <trev.norris@gmail.com> 
For consistency with the newly added src/base64.h header, check that
NODE_WANT_INTERNALS is defined and set in internal headers.

PR-URL: https://github.com/nodejs/node/pull/6948
Refs: https://github.com/nodejs/node/pull/6910
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Trevor Norris <trev.norris@gmail.com>