diff options
| author | seb <sebastian.messier@gmail.com> | 2024-08-20 14:25:41 -0700 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-08-20 21:25:41 +0000 |
| commit | a3a54bc747abe8ca4cd7b0bdbb3e5276a062e914 (patch) | |
| tree | b19daffbd66872fd00ce54e7a87da6c02d34e3a8 /ext/net | |
| parent | 37279e0b0a4300318da472bf0a8bdb894746537f (diff) | |
fix(ext/net): validate port in Deno.{connect,serve,listen} (#24399)
Co-authored-by: Will Leach <4619280+melbourne2991@users.noreply.github.com>
Co-authored-by: Luca Casonato <hello@lcas.dev>
Co-authored-by: David Sherret <dsherret@gmail.com>
Diffstat (limited to 'ext/net')
| -rw-r--r-- | ext/net/01_net.js | 31 | ||||
| -rw-r--r-- | ext/net/02_tls.js | 6 |
2 files changed, 31 insertions, 6 deletions
diff --git a/ext/net/01_net.js b/ext/net/01_net.js index 536f79bbf..a41a27543 100644 --- a/ext/net/01_net.js +++ b/ext/net/01_net.js @@ -33,9 +33,12 @@ const UDP_DGRAM_MAXSIZE = 65507; const { Error, Number, + NumberIsNaN, + NumberIsInteger, ObjectPrototypeIsPrototypeOf, ObjectDefineProperty, PromiseResolve, + RangeError, SafeSet, SetPrototypeAdd, SetPrototypeDelete, @@ -531,10 +534,11 @@ const listenOptionApiName = Symbol("listenOptionApiName"); function listen(args) { switch (args.transport ?? "tcp") { case "tcp": { + const port = validatePort(args.port); const { 0: rid, 1: addr } = op_net_listen_tcp( { hostname: args.hostname ?? "0.0.0.0", - port: Number(args.port), + port, }, args.reusePort, args.loadBalanced ?? false, @@ -558,14 +562,33 @@ function listen(args) { } } +function validatePort(maybePort) { + if (typeof maybePort !== "number" && typeof maybePort !== "string") { + throw new TypeError(`Invalid port (expected number): ${maybePort}`); + } + if (maybePort === "") throw new TypeError("Invalid port: ''"); + const port = Number(maybePort); + if (!NumberIsInteger(port)) { + if (NumberIsNaN(port) && !NumberIsNaN(maybePort)) { + throw new TypeError(`Invalid port: '${maybePort}'`); + } else { + throw new TypeError(`Invalid port: ${maybePort}`); + } + } else if (port < 0 || port > 65535) { + throw new RangeError(`Invalid port (out of range): ${maybePort}`); + } + return port; +} + function createListenDatagram(udpOpFn, unixOpFn) { return function listenDatagram(args) { switch (args.transport) { case "udp": { + const port = validatePort(args.port); const { 0: rid, 1: addr } = udpOpFn( { hostname: args.hostname ?? "127.0.0.1", - port: args.port, + port, }, args.reuseAddress ?? false, args.loopback ?? false, @@ -590,10 +613,11 @@ function createListenDatagram(udpOpFn, unixOpFn) { async function connect(args) { switch (args.transport ?? "tcp") { case "tcp": { + const port = validatePort(args.port); const { 0: rid, 1: localAddr, 2: remoteAddr } = await op_net_connect_tcp( { hostname: args.hostname ?? "127.0.0.1", - port: args.port, + port, }, ); localAddr.transport = "tcp"; @@ -626,4 +650,5 @@ export { shutdown, TcpConn, UnixConn, + validatePort, }; diff --git a/ext/net/02_tls.js b/ext/net/02_tls.js index 81bcfb3bd..f6197e159 100644 --- a/ext/net/02_tls.js +++ b/ext/net/02_tls.js @@ -17,13 +17,12 @@ import { op_tls_start, } from "ext:core/ops"; const { - Number, ObjectDefineProperty, TypeError, SymbolFor, } = primordials; -import { Conn, Listener } from "ext:deno_net/01_net.js"; +import { Conn, Listener, validatePort } from "ext:deno_net/01_net.js"; class TlsConn extends Conn { #rid = 0; @@ -259,6 +258,7 @@ function listenTls({ if (transport !== "tcp") { throw new TypeError(`Unsupported transport: '${transport}'`); } + port = validatePort(port); if (!hasTlsKeyPairOptions(arguments[0])) { throw new TypeError( @@ -267,7 +267,7 @@ function listenTls({ } const keyPair = loadTlsKeyPair("Deno.listenTls", arguments[0]); const { 0: rid, 1: localAddr } = op_net_listen_tls( - { hostname, port: Number(port) }, + { hostname, port }, { alpnProtocols, reusePort }, keyPair, ); |