diff --git a/lib/internal/errors.js b/lib/internal/errors.js index 58eba742e08685..ebec2d97a00321 100644 --- a/lib/internal/errors.js +++ b/lib/internal/errors.js @@ -825,10 +825,11 @@ E('ERR_NO_ICU', '%s is not supported on Node.js compiled without ICU', TypeError); E('ERR_NO_LONGER_SUPPORTED', '%s is no longer supported', Error); E('ERR_OUT_OF_RANGE', - (name, range, value) => { - let msg = `The value of "${name}" is out of range.`; + (str, range, input, replaceDefaultBoolean = false) => { + let msg = replaceDefaultBoolean ? str : + `The value of "${str}" is out of range.`; if (range !== undefined) msg += ` It must be ${range}.`; - msg += ` Received ${value}`; + msg += ` Received ${input}`; return msg; }, RangeError); E('ERR_REQUIRE_ESM', 'Must use import to load ES Module: %s', Error); diff --git a/lib/tls.js b/lib/tls.js index f771a661d07692..4207364ad82969 100644 --- a/lib/tls.js +++ b/lib/tls.js @@ -21,7 +21,10 @@ 'use strict'; -const { ERR_TLS_CERT_ALTNAME_INVALID } = require('internal/errors').codes; +const { + ERR_TLS_CERT_ALTNAME_INVALID, + ERR_OUT_OF_RANGE +} = require('internal/errors').codes; const internalUtil = require('internal/util'); const internalTLS = require('internal/tls'); internalUtil.assertCrypto(); @@ -60,6 +63,10 @@ function convertProtocols(protocols) { const lens = new Array(protocols.length); const buff = Buffer.allocUnsafe(protocols.reduce((p, c, i) => { var len = Buffer.byteLength(c); + if (len > 255) { + throw new ERR_OUT_OF_RANGE('The byte length of the protocol at index ' + + `${i} exceeds the maximum length.`, '<= 255', len, true); + } lens[i] = len; return p + 1 + len; }, 0)); diff --git a/test/parallel/test-tls-basic-validations.js b/test/parallel/test-tls-basic-validations.js index d0082edb463181..8d39b8d45c9c65 100644 --- a/test/parallel/test-tls-basic-validations.js +++ b/test/parallel/test-tls-basic-validations.js @@ -102,3 +102,16 @@ common.expectsError( assert(out.ALPNProtocols.equals(Buffer.from(expectView))); } } + +{ + const protocols = [(new String('a')).repeat(500)]; + const out = {}; + common.expectsError( + () => tls.convertALPNProtocols(protocols, out), + { + code: 'ERR_OUT_OF_RANGE', + message: 'The byte length of the protocol at index 0 exceeds the ' + + 'maximum length. It must be <= 255. Received 500' + } + ); +}