tls_wrap: slice buffer properly in `ClearOut`

Fix incorrect slicing of cleartext buffer in `TLSWrap::ClearOut`.

Fix: https://github.com/nodejs/node/issues/4161
PR-URL: https://github.com/nodejs/node/pull/4184
Reviewed-By: Brian White <mscdex@mscdex.net>

diff --git a/src/tls_wrap.cc b/src/tls_wrap.cc
index fc00893..7d83c79 100644 (file)
--- a/src/tls_wrap.cc
+++ b/src/tls_wrap.cc
@@ -409,6 +409,7 @@ void TLSWrap::ClearOut() {
     if (read <= 0)
       break;
 
+    char* current = out;
     while (read > 0) {
       int avail = read;
 
@@ -416,10 +417,11 @@ void TLSWrap::ClearOut() {
       OnAlloc(avail, &buf);
       if (static_cast<int>(buf.len) < avail)
         avail = buf.len;
-      memcpy(buf.base, out, avail);
+      memcpy(buf.base, current, avail);
       OnRead(avail, &buf);
 
       read -= avail;
+      current += avail;
     }
   }
 

diff --git a/test/parallel/test-tls-inception.js b/test/parallel/test-tls-inception.js
index df03cf9..12b9f95 100644 (file)
--- a/test/parallel/test-tls-inception.js
+++ b/test/parallel/test-tls-inception.js
@@ -15,6 +15,8 @@ var net = require('net');
 var options, a, b, portA, portB;
 var gotHello = false;
 
+var body = new Buffer(4000).fill('A');
+
 options = {
   key: fs.readFileSync(path.join(common.fixturesDir, 'test_key.pem')),
   cert: fs.readFileSync(path.join(common.fixturesDir, 'test_cert.pem'))
@@ -38,7 +40,7 @@ a = tls.createServer(options, function(socket) {
 
 // the "target" server
 b = tls.createServer(options, function(socket) {
-  socket.end('hello');
+  socket.end(body);
 });
 
 process.on('exit', function() {
@@ -59,11 +61,13 @@ a.listen(common.PORT, function() {
       rejectUnauthorized: false
     });
     ssl.setEncoding('utf8');
+    var buf = '';
     ssl.once('data', function(data) {
-      assert.equal('hello', data);
+      buf += data;
       gotHello = true;
     });
     ssl.on('end', function() {
+      assert.equal(buf, body);
       ssl.end();
       a.close();
       b.close();