node/lib at v4.x - node - Carlos Sousa's Git

OSSForks/node

mirror of https://github.com/zebrajr/node.git synced 2026-01-15 12:15:26 +00:00

Files

History

Myles Borins bf00665af6 path: unwind regular expressions in Windows

This is the second part to removing REDOS vulnerabilities from v4.x

The function `splitTailRe` exposed a REDOS vulnerability. It was only
utilized in the Windows implementation of a number of the path utilities.
In v6.x a change landed that unwound this regular expression, and in
turn patched the vulnerability.

This commit copies the unwound implementation currently found on v8.x.
It is completely self contained. I attempted to keep all warnings
and deprecations the same as the v4.x implementation, but may have
missed something buried in the large unwound functions.

Refs: https://github.com/nodejs/node/commit/b212be08f6

2018-02-22 17:47:13 -05:00

..

child_process: refactor internal/child_process.js

2017-03-08 17:29:25 -08:00

_debug_agent.js

debugger: make listen address configurable

2016-11-22 14:02:28 +08:00

_debugger.js

debugger: call this.resume() after this.run()

2017-01-31 20:04:29 -05:00

_http_agent.js

https: fix memory leak with https.request()

2016-11-18 15:40:20 -05:00

_http_client.js

http: use Buffer.from to avoid Buffer(num) call

2017-07-10 10:59:41 +01:00

_http_common.js

http: fix connection upgrade checks

2016-11-22 16:01:03 +08:00

_http_incoming.js

http: fix no dumping after maybeReadMore

2016-07-14 12:44:41 -07:00

_http_outgoing.js

http: fix connection upgrade checks

2016-11-22 16:01:03 +08:00

_http_server.js

src: unconsume stream fix in internal http impl

2017-03-08 17:29:36 -08:00

_linklist.js

lib: changed var to const in linkedlist

2016-11-22 14:23:37 +08:00

_stream_duplex.js

node: allow multiple arguments passed to nextTick

2015-04-15 17:02:21 -06:00

_stream_passthrough.js

lib: use const to define constants

2015-01-21 16:21:31 -05:00

_stream_readable.js

streams: fix regression in unpipe()

2016-11-14 11:39:59 -05:00

_stream_transform.js

stream: prevent object map change in TransformState

2016-03-21 12:57:54 -07:00

_stream_wrap.js

test,lib,benchmark: match function names

2017-01-31 20:04:27 -05:00

_stream_writable.js

test,lib,benchmark: match function names

2017-01-31 20:04:27 -05:00

_tls_common.js

crypto: freelist_max_len is gone in OpenSSL 1.1.0

2017-03-08 17:29:46 -08:00

_tls_legacy.js

tls, crypto: add ALPN Support

2017-01-31 20:04:27 -05:00

_tls_wrap.js

Partial revert "tls: keep track of stream that is closed"

2017-04-18 20:08:38 -04:00

.eslintrc.yaml

tools: rename eslintrc to an undeprecated format

2017-03-08 17:29:48 -08:00

assert.js

assert: remove unneeded condition

2017-03-08 17:29:27 -08:00

buffer.js

buffer: improve toJSON() performance

2017-03-08 17:29:47 -08:00

child_process.js

child_process: remove empty if condition

2017-03-08 17:29:25 -08:00

cluster.js

cluster: remove bind() and self

2016-10-26 14:09:01 -04:00

console.js

console: check that stderr is writable

2016-03-30 13:12:14 -07:00

constants.js

Remove excessive copyright/license boilerplate

2015-01-12 15:30:28 -08:00

crypto.js

streams: refactor LazyTransform to internal/

2015-09-15 13:53:21 -04:00

dgram.js

dgram: fix possibly deoptimizing use of arguments

2017-03-09 13:22:19 -08:00

dns.js

dns: tweak regex for IPv6 addresses

2016-10-26 14:09:18 -04:00

domain.js

test,lib,benchmark: match function names

2017-01-31 20:04:27 -05:00

events.js

events: pass the original listener added by once

2016-11-22 15:55:16 +08:00

freelist.js

lib,test: add freelist deprecation and test

2015-07-17 19:48:31 -07:00

fs.js

fs: add the fs.mkdtemp() function.

2017-01-31 20:04:27 -05:00

http.js

lib,src: remove usage of events.EventEmitter

2015-09-23 08:39:34 +10:00

https.js

tls, crypto: add ALPN Support

2017-01-31 20:04:27 -05:00

module.js

module: fix loading from global folders on Windows

2017-04-18 20:08:37 -04:00

net.js

net: prefer === to ==

2017-03-08 17:29:19 -08:00

os.js

lib: refactor code with startsWith/endsWith

2016-04-08 17:16:43 -04:00

path.js

path: unwind regular expressions in Windows

2018-02-22 17:47:13 -05:00

process.js

src: remove excessive license boilerplate

2015-01-27 16:35:05 +11:00

punycode.js

lib: add missing new for errors lib/*.js

2015-03-24 12:42:15 -07:00

querystring.js

querystring: don't stringify bad surrogate pair

2016-04-11 11:10:47 -04:00

readline.js

readline: refactor construct Interface

2017-03-08 17:29:43 -08:00

repl.js

repl: refactor lib/repl.js

2016-12-13 16:25:30 -05:00

stream.js

lib,src: remove usage of events.EventEmitter

2015-09-23 08:39:34 +10:00

string_decoder.js

string_decoder: fix performance regression

2016-03-21 12:57:54 -07:00

sys.js

util: introduce printDeprecationMessage function

2015-06-04 10:59:43 +03:00

timers.js

lib,test: use consistent operator linebreak style

2017-01-31 20:04:31 -05:00

tls.js

tls: copy the Buffer object before using

2017-01-31 20:04:28 -05:00

tty.js

tty: avoid oob warning in TTYWrap::GetWindowSize()

2017-03-08 17:29:23 -08:00

url.js

lib: remove let from for loops

2016-11-14 11:39:59 -05:00

util.js

util: don't init Debug if it's not needed yet

2017-03-08 17:29:54 -08:00

v8.js

lib,src: support values > 4GB in heap statistics

2017-03-08 17:29:18 -08:00

vm.js

lib: reduce util.is*() usage

2015-01-31 23:47:29 -05:00

zlib.js

zlib: fix node crashing on invalid options

2017-10-25 04:25:41 -04:00