fix(ext/node): timingSafeEqual account for AB byteOffset (#26292)

Fixes https://github.com/denoland/deno/issues/26276

1 files changed, 12 insertions, 9 deletions

diff --git a/ext/node/polyfills/internal_binding/_timingSafeEqual.ts b/ext/node/polyfills/internal_binding/_timingSafeEqual.ts
index ff141fdbf..559b7685b 100644
--- a/ext/node/polyfills/internal_binding/_timingSafeEqual.ts
+++ b/ext/node/polyfills/internal_binding/_timingSafeEqual.ts
@@ -5,10 +5,11 @@
 
 import { Buffer } from "node:buffer";
 
-function assert(cond) {
-  if (!cond) {
-    throw new Error("assertion failed");
+function toDataView(ab: ArrayBufferLike | ArrayBufferView): DataView {
+  if (ArrayBuffer.isView(ab)) {
+    return new DataView(ab.buffer, ab.byteOffset, ab.byteLength);
   }
+  return new DataView(ab);
 }
 
 /** Compare to array buffers or data views in a way that timing based attacks
@@ -21,13 +22,11 @@ function stdTimingSafeEqual(
     return false;
   }
   if (!(a instanceof DataView)) {
-    a = new DataView(ArrayBuffer.isView(a) ? a.buffer : a);
+    a = toDataView(a);
   }
   if (!(b instanceof DataView)) {
-    b = new DataView(ArrayBuffer.isView(b) ? b.buffer : b);
+    b = toDataView(b);
   }
-  assert(a instanceof DataView);
-  assert(b instanceof DataView);
   const length = a.byteLength;
   let out = 0;
   let i = -1;
@@ -41,7 +40,11 @@ export const timingSafeEqual = (
   a: Buffer | DataView | ArrayBuffer,
   b: Buffer | DataView | ArrayBuffer,
 ): boolean => {
-  if (a instanceof Buffer) a = new DataView(a.buffer);
-  if (a instanceof Buffer) b = new DataView(a.buffer);
+  if (a instanceof Buffer) {
+    a = new DataView(a.buffer, a.byteOffset, a.byteLength);
+  }
+  if (b instanceof Buffer) {
+    b = new DataView(b.buffer, b.byteOffset, b.byteLength);
+  }
   return stdTimingSafeEqual(a, b);
 };