indutny/1.patch Secret

## 1.patch
From 78e38f59ad9f7fbb6a68a5f254aec7d9bae428c3 Mon Sep 17 00:00:00 2001
From: Ben Noordhuis <info@bnoordhuis.nl>
Date: Sat, 25 Oct 2014 07:27:21 +0200
Subject: [PATCH] src: fix uninitialized memory dereference

The elements of the heap-allocated TaskQueue::ring_ array in
src/node_v8_platform.cc were compared against without being
initialized first.

Fixes node-forward/node#33.

PR-URL: https://github.com/node-forward/node/pull/34
Reviewed-By: Fedor Indutny <fedor@indutny.com>
---
 src/node_v8_platform.cc | 14 ++++----------
 src/node_v8_platform.h  |  8 +++++---
 2 files changed, 9 insertions(+), 13 deletions(-)

diff --git a/src/node_v8_platform.cc b/src/node_v8_platform.cc
index d71fdd4..aed4661 100644
--- a/src/node_v8_platform.cc
+++ b/src/node_v8_platform.cc
@@ -98,12 +98,9 @@ void Platform::WorkerBody(void* arg) {
 TaskQueue::TaskQueue() {
   int err;

-  static_assert(kRingSize == (kRingSize & (~(kRingSize - 1))),
-                "kRingSize is not a power of two");
+  for (size_t i = 0; i < ARRAY_SIZE(ring_); i += 1)
+    ring_[i] = nullptr;

-  size_ = kRingSize;
-  ring_ = new Task*[size_];
-  mask_ = size_ - 1;
   read_off_ = 0;
   write_off_ = 0;

@@ -120,9 +117,6 @@ TaskQueue::TaskQueue() {

 TaskQueue::~TaskQueue() {
   CHECK_EQ(read_off_, write_off_);
-
-  delete[] ring_;
-  ring_ = nullptr;
   uv_sem_destroy(&sem_);
   uv_cond_destroy(&cond_);
   uv_mutex_destroy(&mutex_);
@@ -138,7 +132,7 @@ void TaskQueue::Push(Task* task) {

   ring_[write_off_] = task;
   write_off_++;
-  write_off_ &= mask_;
+  write_off_ &= kRingMask;
   uv_mutex_unlock(&mutex_);

   uv_sem_post(&sem_);
@@ -154,7 +148,7 @@ Task* TaskQueue::Shift() {
   uv_cond_signal(&cond_);

   read_off_++;
-  read_off_ &= mask_;
+  read_off_ &= kRingMask;
   uv_mutex_unlock(&mutex_);

   return task;
diff --git a/src/node_v8_platform.h b/src/node_v8_platform.h
index 59bcdae..a51c3a1 100644
--- a/src/node_v8_platform.h
+++ b/src/node_v8_platform.h
@@ -37,15 +37,17 @@ class TaskQueue {

  private:
   static const unsigned int kRingSize = 1024;
+  static const unsigned int kRingMask = kRingSize - 1;
+
+  static_assert(kRingSize == (kRingSize & ~kRingMask),
+                "kRingSize is not a power of two");

   uv_sem_t sem_;
   uv_cond_t cond_;
   uv_mutex_t mutex_;
-  v8::Task** ring_;
-  unsigned int size_;
-  unsigned int mask_;
   unsigned int read_off_;
   unsigned int write_off_;
+  v8::Task* ring_[kRingSize];
 };

 class Platform : public v8::Platform {
	From 78e38f59ad9f7fbb6a68a5f254aec7d9bae428c3 Mon Sep 17 00:00:00 2001
	From: Ben Noordhuis <info@bnoordhuis.nl>
	Date: Sat, 25 Oct 2014 07:27:21 +0200
	Subject: [PATCH] src: fix uninitialized memory dereference

	The elements of the heap-allocated TaskQueue::ring_ array in
	src/node_v8_platform.cc were compared against without being
	initialized first.

	Fixes node-forward/node#33.

	PR-URL: https://github.com/node-forward/node/pull/34
	Reviewed-By: Fedor Indutny <fedor@indutny.com>
	---
	src/node_v8_platform.cc \| 14 ++++----------
	src/node_v8_platform.h \| 8 +++++---
	2 files changed, 9 insertions(+), 13 deletions(-)

	diff --git a/src/node_v8_platform.cc b/src/node_v8_platform.cc
	index d71fdd4..aed4661 100644
	--- a/src/node_v8_platform.cc
	+++ b/src/node_v8_platform.cc
	@@ -98,12 +98,9 @@ void Platform::WorkerBody(void* arg) {
	TaskQueue::TaskQueue() {
	int err;

	- static_assert(kRingSize == (kRingSize & (~(kRingSize - 1))),
	- "kRingSize is not a power of two");
	+ for (size_t i = 0; i < ARRAY_SIZE(ring_); i += 1)
	+ ring_[i] = nullptr;

	- size_ = kRingSize;
	- ring_ = new Task*[size_];
	- mask_ = size_ - 1;
	read_off_ = 0;
	write_off_ = 0;

	@@ -120,9 +117,6 @@ TaskQueue::TaskQueue() {

	TaskQueue::~TaskQueue() {
	CHECK_EQ(read_off_, write_off_);
	-
	- delete[] ring_;
	- ring_ = nullptr;
	uv_sem_destroy(&sem_);
	uv_cond_destroy(&cond_);
	uv_mutex_destroy(&mutex_);
	@@ -138,7 +132,7 @@ void TaskQueue::Push(Task* task) {

	ring_[write_off_] = task;
	write_off_++;
	- write_off_ &= mask_;
	+ write_off_ &= kRingMask;
	uv_mutex_unlock(&mutex_);

	uv_sem_post(&sem_);
	@@ -154,7 +148,7 @@ Task* TaskQueue::Shift() {
	uv_cond_signal(&cond_);

	read_off_++;
	- read_off_ &= mask_;
	+ read_off_ &= kRingMask;
	uv_mutex_unlock(&mutex_);

	return task;
	diff --git a/src/node_v8_platform.h b/src/node_v8_platform.h
	index 59bcdae..a51c3a1 100644
	--- a/src/node_v8_platform.h
	+++ b/src/node_v8_platform.h
	@@ -37,15 +37,17 @@ class TaskQueue {

	private:
	static const unsigned int kRingSize = 1024;
	+ static const unsigned int kRingMask = kRingSize - 1;
	+
	+ static_assert(kRingSize == (kRingSize & ~kRingMask),
	+ "kRingSize is not a power of two");

	uv_sem_t sem_;
	uv_cond_t cond_;
	uv_mutex_t mutex_;
	- v8::Task** ring_;
	- unsigned int size_;
	- unsigned int mask_;
	unsigned int read_off_;
	unsigned int write_off_;
	+ v8::Task* ring_[kRingSize];
	};

	class Platform : public v8::Platform {