projects / nodejs.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 4461368) | patch
src,lib: refactor unsafe buffer creation to remove zero-fill toggle
authorChALkeR Nikita Skovoroda <chalkerx@gmail.com>
Mon, 6 Apr 2026 14:13:34 +0000 (16:13 +0200)
committerBastien Roucariès <rouca@debian.org>
Mon, 6 Apr 2026 14:18:52 +0000 (16:18 +0200)
commit0bc225250e15abe4c2a3b3190f3550d33c9902d9
treee41484e43bb8cdaef058d5f37396b4461279b656tree | snapshot
parent44613686d1c36873fda02bc93ae7c76b9fe0ffb2commit | diff
src,lib: refactor unsafe buffer creation to remove zero-fill toggle

This removes the zero-fill toggle mechanism that allowed JavaScript
to control ArrayBuffer initialization via shared memory. Instead,
unsafe buffer creation now uses a dedicated C++ API.

Refs: https://hackerone.com/reports/3405778
Co-Authored-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Co-Authored-By: Joyee Cheung <joyeec9h3@gmail.com>
Signed-off-by: RafaelGSS <rafael.nunu@hotmail.com>
PR-URL: https://github.com/nodejs-private/node-private/pull/759
Backport-PR-URL: https://github.com/nodejs-private/node-private/pull/799
CVE-ID: CVE-2025-55131

origin: backport, https://github.com/nodejs/node/commit/51f4de4b4a52b5b0eb2c63ecbb4126577e05f636

Gbp-Pq: Name CVE-2025-55131.patch
deps/v8/include/v8-array-buffer.h diff | blob | history
deps/v8/src/api/api.cc diff | blob | history
lib/internal/buffer.js diff | blob | history
lib/internal/process/pre_execution.js diff | blob | history
src/api/environment.cc diff | blob | history
src/node_buffer.cc diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.