projects / nodejs.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 371eadb) | patch
[PATCH] src,lib: refactor unsafe buffer creation to remove zero-fill toggle
authorСковорода Никита Андреевич <chalkerx@gmail.com>
Fri, 7 Nov 2025 14:50:57 +0000 (11:50 -0300)
committerJérémy Lal <kapouer@melix.org>
Thu, 5 Mar 2026 10:05:11 +0000 (11:05 +0100)
commit5260b3a748d7a30148b47ff0f273bac885c50c17
tree898021f84cfb5a9143a92c9b3db8107d7f6a96dctree | snapshot
parent371eadb6e804809caa3e359d2e282767e2693896commit | diff
[PATCH] src,lib: refactor unsafe buffer creation to remove zero-fill toggle

This removes the zero-fill toggle mechanism that allowed JavaScript
to control ArrayBuffer initialization via shared memory. Instead,
unsafe buffer creation now uses a dedicated C++ API.

Refs: https://hackerone.com/reports/3405778
Co-Authored-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Co-Authored-By: Joyee Cheung <joyeec9h3@gmail.com>
Signed-off-by: RafaelGSS <rafael.nunu@hotmail.com>
PR-URL: https://github.com/nodejs-private/node-private/pull/759
Backport-PR-URL: https://github.com/nodejs-private/node-private/pull/799
CVE-ID: CVE-2025-55131

Gbp-Pq: Topic sec
Gbp-Pq: Name 38-refactor-unsafe-buffer-creation-to-remove-zero-fill-toggle.patch
deps/v8/include/v8-array-buffer.h diff | blob | history
deps/v8/src/api/api.cc diff | blob | history
lib/internal/buffer.js diff | blob | history
lib/internal/process/pre_execution.js diff | blob | history
src/api/environment.cc diff | blob | history
src/node_buffer.cc diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.