Compare commits
2 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
| ddb7c093d6 | |||
| ff9fb914dd |
+100
-12
@@ -932,6 +932,24 @@ function requireErrors () {
|
||||
[kSecureProxyConnectionError] = true
|
||||
}
|
||||
|
||||
const kMessageSizeExceededError = Symbol.for('undici.error.UND_ERR_WS_MESSAGE_SIZE_EXCEEDED');
|
||||
class MessageSizeExceededError extends UndiciError {
|
||||
constructor (message) {
|
||||
super(message);
|
||||
this.name = 'MessageSizeExceededError';
|
||||
this.message = message || 'Max decompressed message size exceeded';
|
||||
this.code = 'UND_ERR_WS_MESSAGE_SIZE_EXCEEDED';
|
||||
}
|
||||
|
||||
static [Symbol.hasInstance] (instance) {
|
||||
return instance && instance[kMessageSizeExceededError] === true
|
||||
}
|
||||
|
||||
get [kMessageSizeExceededError] () {
|
||||
return true
|
||||
}
|
||||
}
|
||||
|
||||
errors = {
|
||||
AbortError,
|
||||
HTTPParserError,
|
||||
@@ -955,7 +973,8 @@ function requireErrors () {
|
||||
ResponseExceededMaxSizeError,
|
||||
RequestRetryError,
|
||||
ResponseError,
|
||||
SecureProxyConnectionError
|
||||
SecureProxyConnectionError,
|
||||
MessageSizeExceededError
|
||||
};
|
||||
return errors;
|
||||
}
|
||||
@@ -2256,6 +2275,10 @@ function requireRequest$1 () {
|
||||
throw new InvalidArgumentError('upgrade must be a string')
|
||||
}
|
||||
|
||||
if (upgrade && !isValidHeaderValue(upgrade)) {
|
||||
throw new InvalidArgumentError('invalid upgrade header')
|
||||
}
|
||||
|
||||
if (headersTimeout != null && (!Number.isFinite(headersTimeout) || headersTimeout < 0)) {
|
||||
throw new InvalidArgumentError('invalid headersTimeout')
|
||||
}
|
||||
@@ -2550,13 +2573,19 @@ function requireRequest$1 () {
|
||||
val = `${val}`;
|
||||
}
|
||||
|
||||
if (request.host === null && headerName === 'host') {
|
||||
if (headerName === 'host') {
|
||||
if (request.host !== null) {
|
||||
throw new InvalidArgumentError('duplicate host header')
|
||||
}
|
||||
if (typeof val !== 'string') {
|
||||
throw new InvalidArgumentError('invalid host header')
|
||||
}
|
||||
// Consumed by Client
|
||||
request.host = val;
|
||||
} else if (request.contentLength === null && headerName === 'content-length') {
|
||||
} else if (headerName === 'content-length') {
|
||||
if (request.contentLength !== null) {
|
||||
throw new InvalidArgumentError('duplicate content-length header')
|
||||
}
|
||||
request.contentLength = parseInt(val, 10);
|
||||
if (!Number.isFinite(request.contentLength)) {
|
||||
throw new InvalidArgumentError('invalid content-length header')
|
||||
@@ -24913,6 +24942,12 @@ function requireUtil$1 () {
|
||||
* @param {string} value
|
||||
*/
|
||||
function isValidClientWindowBits (value) {
|
||||
// Must have at least one character
|
||||
if (value.length === 0) {
|
||||
return false
|
||||
}
|
||||
|
||||
// Check all characters are ASCII digits
|
||||
for (let i = 0; i < value.length; i++) {
|
||||
const byte = value.charCodeAt(i);
|
||||
|
||||
@@ -24921,7 +24956,9 @@ function requireUtil$1 () {
|
||||
}
|
||||
}
|
||||
|
||||
return true
|
||||
// Check numeric range: zlib requires windowBits in range 8-15
|
||||
const num = Number.parseInt(value, 10);
|
||||
return num >= 8 && num <= 15
|
||||
}
|
||||
|
||||
// https://nodejs.org/api/intl.html#detecting-internationalization-support
|
||||
@@ -25451,17 +25488,30 @@ function requirePermessageDeflate () {
|
||||
|
||||
const { createInflateRaw, Z_DEFAULT_WINDOWBITS } = require$$1$2;
|
||||
const { isValidClientWindowBits } = requireUtil$1();
|
||||
const { MessageSizeExceededError } = requireErrors();
|
||||
|
||||
const tail = Buffer.from([0x00, 0x00, 0xff, 0xff]);
|
||||
const kBuffer = Symbol('kBuffer');
|
||||
const kLength = Symbol('kLength');
|
||||
|
||||
// Default maximum decompressed message size: 4 MB
|
||||
const kDefaultMaxDecompressedSize = 4 * 1024 * 1024;
|
||||
|
||||
class PerMessageDeflate {
|
||||
/** @type {import('node:zlib').InflateRaw} */
|
||||
#inflate
|
||||
|
||||
#options = {}
|
||||
|
||||
/** @type {boolean} */
|
||||
#aborted = false
|
||||
|
||||
/** @type {Function|null} */
|
||||
#currentCallback = null
|
||||
|
||||
/**
|
||||
* @param {Map<string, string>} extensions
|
||||
*/
|
||||
constructor (extensions) {
|
||||
this.#options.serverNoContextTakeover = extensions.has('server_no_context_takeover');
|
||||
this.#options.serverMaxWindowBits = extensions.get('server_max_window_bits');
|
||||
@@ -25473,6 +25523,11 @@ function requirePermessageDeflate () {
|
||||
// payload of the message.
|
||||
// 2. Decompress the resulting data using DEFLATE.
|
||||
|
||||
if (this.#aborted) {
|
||||
callback(new MessageSizeExceededError());
|
||||
return
|
||||
}
|
||||
|
||||
if (!this.#inflate) {
|
||||
let windowBits = Z_DEFAULT_WINDOWBITS;
|
||||
|
||||
@@ -25485,13 +25540,37 @@ function requirePermessageDeflate () {
|
||||
windowBits = Number.parseInt(this.#options.serverMaxWindowBits);
|
||||
}
|
||||
|
||||
this.#inflate = createInflateRaw({ windowBits });
|
||||
try {
|
||||
this.#inflate = createInflateRaw({ windowBits });
|
||||
} catch (err) {
|
||||
callback(err);
|
||||
return
|
||||
}
|
||||
this.#inflate[kBuffer] = [];
|
||||
this.#inflate[kLength] = 0;
|
||||
|
||||
this.#inflate.on('data', (data) => {
|
||||
this.#inflate[kBuffer].push(data);
|
||||
if (this.#aborted) {
|
||||
return
|
||||
}
|
||||
|
||||
this.#inflate[kLength] += data.length;
|
||||
|
||||
if (this.#inflate[kLength] > kDefaultMaxDecompressedSize) {
|
||||
this.#aborted = true;
|
||||
this.#inflate.removeAllListeners();
|
||||
this.#inflate.destroy();
|
||||
this.#inflate = null;
|
||||
|
||||
if (this.#currentCallback) {
|
||||
const cb = this.#currentCallback;
|
||||
this.#currentCallback = null;
|
||||
cb(new MessageSizeExceededError());
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
this.#inflate[kBuffer].push(data);
|
||||
});
|
||||
|
||||
this.#inflate.on('error', (err) => {
|
||||
@@ -25500,16 +25579,22 @@ function requirePermessageDeflate () {
|
||||
});
|
||||
}
|
||||
|
||||
this.#currentCallback = callback;
|
||||
this.#inflate.write(chunk);
|
||||
if (fin) {
|
||||
this.#inflate.write(tail);
|
||||
}
|
||||
|
||||
this.#inflate.flush(() => {
|
||||
if (this.#aborted || !this.#inflate) {
|
||||
return
|
||||
}
|
||||
|
||||
const full = Buffer.concat(this.#inflate[kBuffer], this.#inflate[kLength]);
|
||||
|
||||
this.#inflate[kBuffer].length = 0;
|
||||
this.#inflate[kLength] = 0;
|
||||
this.#currentCallback = null;
|
||||
|
||||
callback(null, full);
|
||||
});
|
||||
@@ -25564,6 +25649,10 @@ function requireReceiver () {
|
||||
/** @type {Map<string, PerMessageDeflate>} */
|
||||
#extensions
|
||||
|
||||
/**
|
||||
* @param {import('./websocket').WebSocket} ws
|
||||
* @param {Map<string, string>|null} extensions
|
||||
*/
|
||||
constructor (ws, extensions) {
|
||||
super();
|
||||
|
||||
@@ -25706,6 +25795,7 @@ function requireReceiver () {
|
||||
|
||||
const buffer = this.consume(8);
|
||||
const upper = buffer.readUInt32BE(0);
|
||||
const lower = buffer.readUInt32BE(4);
|
||||
|
||||
// 2^31 is the maximum bytes an arraybuffer can contain
|
||||
// on 32-bit systems. Although, on 64-bit systems, this is
|
||||
@@ -25713,14 +25803,12 @@ function requireReceiver () {
|
||||
// https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Errors/Invalid_array_length
|
||||
// https://source.chromium.org/chromium/chromium/src/+/main:v8/src/common/globals.h;drc=1946212ac0100668f14eb9e2843bdd846e510a1e;bpv=1;bpt=1;l=1275
|
||||
// https://source.chromium.org/chromium/chromium/src/+/main:v8/src/objects/js-array-buffer.h;l=34;drc=1946212ac0100668f14eb9e2843bdd846e510a1e
|
||||
if (upper > 2 ** 31 - 1) {
|
||||
if (upper !== 0 || lower > 2 ** 31 - 1) {
|
||||
failWebsocketConnection(this.ws, 'Received payload length > 2^31 bytes.');
|
||||
return
|
||||
}
|
||||
|
||||
const lower = buffer.readUInt32BE(4);
|
||||
|
||||
this.#info.payloadLength = (upper << 8) + lower;
|
||||
this.#info.payloadLength = lower;
|
||||
this.#state = parserStates.READ_DATA;
|
||||
} else if (this.#state === parserStates.READ_DATA) {
|
||||
if (this.#byteOffset < this.#info.payloadLength) {
|
||||
@@ -25750,7 +25838,7 @@ function requireReceiver () {
|
||||
} else {
|
||||
this.#extensions.get('permessage-deflate').decompress(body, this.#info.fin, (error, data) => {
|
||||
if (error) {
|
||||
closeWebSocketConnection(this.ws, 1007, error.message, error.message.length);
|
||||
failWebsocketConnection(this.ws, error.message);
|
||||
return
|
||||
}
|
||||
|
||||
@@ -26502,7 +26590,7 @@ function requireWebsocket () {
|
||||
* @see https://websockets.spec.whatwg.org/#feedback-from-the-protocol
|
||||
*/
|
||||
#onConnectionEstablished (response, parsedExtensions) {
|
||||
// processResponse is called when the "response’s header list has been received and initialized."
|
||||
// processResponse is called when the "response's header list has been received and initialized."
|
||||
// once this happens, the connection is open
|
||||
this[kResponse] = response;
|
||||
|
||||
|
||||
+1
-1
File diff suppressed because one or more lines are too long
Generated
+6
-6
@@ -437,9 +437,9 @@
|
||||
}
|
||||
},
|
||||
"node_modules/@actions/github/node_modules/@actions/http-client/node_modules/undici": {
|
||||
"version": "6.23.0",
|
||||
"resolved": "https://registry.npmjs.org/undici/-/undici-6.23.0.tgz",
|
||||
"integrity": "sha512-VfQPToRA5FZs/qJxLIinmU59u0r7LXqoJkCzinq3ckNJp3vKEh7jTWN589YQ5+aoAC/TGRLyJLCPKcLQbM8r9g==",
|
||||
"version": "6.24.1",
|
||||
"resolved": "https://registry.npmjs.org/undici/-/undici-6.24.1.tgz",
|
||||
"integrity": "sha512-sC+b0tB1whOCzbtlx20fx3WgCXwkW627p4EA9uM+/tNNPkSS+eSEld6pAs9nDv7WbY1UUljBMYPtu9BCOrCWKA==",
|
||||
"dev": true,
|
||||
"license": "MIT",
|
||||
"engines": {
|
||||
@@ -10352,9 +10352,9 @@
|
||||
}
|
||||
},
|
||||
"node_modules/undici": {
|
||||
"version": "6.23.0",
|
||||
"resolved": "https://registry.npmjs.org/undici/-/undici-6.23.0.tgz",
|
||||
"integrity": "sha512-VfQPToRA5FZs/qJxLIinmU59u0r7LXqoJkCzinq3ckNJp3vKEh7jTWN589YQ5+aoAC/TGRLyJLCPKcLQbM8r9g==",
|
||||
"version": "6.24.1",
|
||||
"resolved": "https://registry.npmjs.org/undici/-/undici-6.24.1.tgz",
|
||||
"integrity": "sha512-sC+b0tB1whOCzbtlx20fx3WgCXwkW627p4EA9uM+/tNNPkSS+eSEld6pAs9nDv7WbY1UUljBMYPtu9BCOrCWKA==",
|
||||
"license": "MIT",
|
||||
"engines": {
|
||||
"node": ">=18.17"
|
||||
|
||||
Reference in New Issue
Block a user