Skip to content

assert,util: harden comparison#24831

Closed
BridgeAR wants to merge 4 commits into
nodejs:masterfrom
BridgeAR:harden-comparison
Closed

assert,util: harden comparison#24831
BridgeAR wants to merge 4 commits into
nodejs:masterfrom
BridgeAR:harden-comparison

Conversation

@BridgeAR

@BridgeAR BridgeAR commented Dec 4, 2018

Copy link
Copy Markdown
Member

The former algorithm used checks which were unsafe. Most of these
have been replaced with alternatives that can not be manipulated or
fooled that easily.

Checklist
  • make -j4 test (UNIX), or vcbuild test (Windows) passes
  • tests and/or benchmarks are included
  • documentation is changed or added
  • commit message follows commit guidelines

@BridgeAR
assert,util: harden comparison
9ac6bd7 
The former algorithm used checks which were unsafe. Most of these
have been replaced with alternatives that can not be manipulated or
fooled that easily.
@nodejs-github-bot

nodejs-github-bot commented Dec 4, 2018

Copy link
Copy Markdown
Collaborator

@BridgeAR build started: https://ci.nodejs.org/blue/organizations/jenkins/node-test-pull-request-lite-pipeline/detail/node-test-pull-request-lite-pipeline/1826/pipeline

@nodejs-github-bot nodejs-github-bot added the util Issues and PRs related to the built-in util module. label Dec 4, 2018
@BridgeAR

BridgeAR commented Dec 5, 2018

Copy link
Copy Markdown
Member Author

@nodejs/assert @nodejs/util PTAL

This needs some LGs.

@BridgeAR

BridgeAR commented Dec 5, 2018

Copy link
Copy Markdown
Member Author

CI https://ci.nodejs.org/job/node-test-pull-request/19223/

@Trott

Trott commented Dec 5, 2018

Copy link
Copy Markdown
Member

Resume Build CI: https://ci.nodejs.org/job/node-test-pull-request/19238/

@BridgeAR

BridgeAR commented Dec 5, 2018

Copy link
Copy Markdown
Member Author

Resumed build https://ci.nodejs.org/job/node-test-pull-request/19243/

@BridgeAR BridgeAR added the assert Issues and PRs related to the assert subsystem. label Dec 5, 2018
@Trott

Trott commented Dec 5, 2018

Copy link
Copy Markdown
Member

https://ci.nodejs.org/job/node-test-pull-request/19244/ ✔️

addaleax
addaleax approved these changes Dec 6, 2018
View reviewed changes
Comment thread lib/internal/util/comparisons.js Outdated
Comment thread test/parallel/test-assert-deep.js Outdated
addaleax and others added 2 commits December 6, 2018 19:24
@addaleax @BridgeAR
fixup: fix typo
0af2cbd 
Co-Authored-By: BridgeAR <ruben@bridgewater.de>
@BridgeAR
fixup: use clearer name and simplify statement
e0bf44c
@BridgeAR

BridgeAR commented Dec 8, 2018

Copy link
Copy Markdown
Member Author

CI https://ci.nodejs.org/job/node-test-pull-request/19322/

@Trott

Trott commented Dec 8, 2018
edited by BridgeAR
Loading

Copy link
Copy Markdown
Member

If it helps, https://ci.nodejs.org/job/node-test-pull-request/19324/ is green. ✔️

ryzokuken
ryzokuken approved these changes Dec 8, 2018
View reviewed changes

@ryzokuken ryzokuken left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks really good to be overall. Will take a deeper look tomorrow or on Monday.

@BridgeAR BridgeAR added the author ready PRs that have at least one approval, no pending requests for changes, and a CI started. label Dec 10, 2018
@Trott

Trott commented Dec 10, 2018

Copy link
Copy Markdown
Member

Landed in 9fb4fa8

@Trott Trott closed this Dec 10, 2018
Trott pushed a commit to Trott/io.js that referenced this pull request Dec 10, 2018
@BridgeAR @Trott
assert,util: harden comparison
9fb4fa8 
The former algorithm used checks which were unsafe. Most of these
have been replaced with alternatives that can not be manipulated or
fooled that easily.

PR-URL: nodejs#24831
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Ujjwal Sharma <usharma1998@gmail.com>
BethGriggs pushed a commit that referenced this pull request Dec 17, 2018
@BridgeAR @BethGriggs
assert,util: harden comparison
bf4faf3 
The former algorithm used checks which were unsafe. Most of these
have been replaced with alternatives that can not be manipulated or
fooled that easily.

PR-URL: #24831
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Ujjwal Sharma <usharma1998@gmail.com>
@BethGriggs BethGriggs mentioned this pull request Dec 18, 2018
Merged
@beevelop beevelop mentioned this pull request Dec 18, 2018
Closed
refack pushed a commit to refack/node that referenced this pull request Jan 14, 2019
@BridgeAR @refack
assert,util: harden comparison
aca84d4 
The former algorithm used checks which were unsafe. Most of these
have been replaced with alternatives that can not be manipulated or
fooled that easily.

PR-URL: nodejs#24831
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Ujjwal Sharma <usharma1998@gmail.com>
@BridgeAR BridgeAR deleted the harden-comparison branch January 20, 2020 11:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@addaleax addaleax addaleax approved these changes

@benjamingr benjamingr Awaiting requested review from benjamingr

@devsnek devsnek Awaiting requested review from devsnek

@jdalton jdalton Awaiting requested review from jdalton

@TimothyGu TimothyGu Awaiting requested review from TimothyGu

@mcollina mcollina Awaiting requested review from mcollina

@apapirovski apapirovski Awaiting requested review from apapirovski

@danbev danbev Awaiting requested review from danbev

+1 more reviewer

@ryzokuken ryzokuken ryzokuken approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

assert Issues and PRs related to the assert subsystem. author ready PRs that have at least one approval, no pending requests for changes, and a CI started. util Issues and PRs related to the built-in util module.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@BridgeAR @nodejs-github-bot @Trott @addaleax @ryzokuken @BethGriggs