zlib: fix use-after-free when reset() is called during write · nodejs/node@e992a34 · GitHub
Skip to content

Commit e992a34

Browse files
mcollinaaduh95
mcollina
authored and
aduh95
committed
zlib: fix use-after-free when reset() is called during write
The Reset() method did not check the write_in_progress_ flag before resetting the compression stream. This allowed reset() to free the compression library's internal state while a worker thread was still using it during an async write, causing a use-after-free. Add a write_in_progress_ guard to Reset() that throws an error if a write is in progress, matching the existing pattern used by Close() and Write(). PR-URL: TODO Refs: https://hackerone.com/reports/3609132 PR-URL: #62325 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
1 parent 1cdd23c commit e992a34

2 files changed

Lines changed: 29 additions & 0 deletions

File tree

src/node_zlib.cc

Lines changed: 6 additions & 0 deletions

test/parallel/test-zlib-reset-during-write.js

Lines changed: 23 additions & 0 deletions

0 commit comments

Comments
 (0)