diff --git a/node_modules/.package-lock.json b/node_modules/.package-lock.json index 83c29c97..623cf103 100644 --- a/node_modules/.package-lock.json +++ b/node_modules/.package-lock.json @@ -319,9 +319,9 @@ } }, "node_modules/undici": { - "version": "6.23.0", - "resolved": "https://registry.npmjs.org/undici/-/undici-6.23.0.tgz", - "integrity": "sha512-VfQPToRA5FZs/qJxLIinmU59u0r7LXqoJkCzinq3ckNJp3vKEh7jTWN589YQ5+aoAC/TGRLyJLCPKcLQbM8r9g==", + "version": "6.24.1", + "resolved": "https://registry.npmjs.org/undici/-/undici-6.24.1.tgz", + "integrity": "sha512-sC+b0tB1whOCzbtlx20fx3WgCXwkW627p4EA9uM+/tNNPkSS+eSEld6pAs9nDv7WbY1UUljBMYPtu9BCOrCWKA==", "license": "MIT", "engines": { "node": ">=18.17" diff --git a/node_modules/undici/docs/docs/api/Errors.md b/node_modules/undici/docs/docs/api/Errors.md index c3286891..a6af44de 100644 --- a/node_modules/undici/docs/docs/api/Errors.md +++ b/node_modules/undici/docs/docs/api/Errors.md @@ -27,6 +27,7 @@ import { errors } from 'undici' | `InformationalError` | `UND_ERR_INFO` | expected error with reason | | `ResponseExceededMaxSizeError` | `UND_ERR_RES_EXCEEDED_MAX_SIZE` | response body exceed the max size allowed | | `SecureProxyConnectionError` | `UND_ERR_PRX_TLS` | tls connection to a proxy failed | +| `MessageSizeExceededError` | `UND_ERR_WS_MESSAGE_SIZE_EXCEEDED` | WebSocket decompressed message exceeded the maximum allowed size | ### `SocketError` diff --git a/node_modules/undici/docs/docs/api/WebSocket.md b/node_modules/undici/docs/docs/api/WebSocket.md index 9d374f40..8b6f7b9c 100644 --- a/node_modules/undici/docs/docs/api/WebSocket.md +++ b/node_modules/undici/docs/docs/api/WebSocket.md @@ -13,6 +13,14 @@ Arguments: * **url** `URL | string` - The url's protocol *must* be `ws` or `wss`. * **protocol** `string | string[] | WebSocketInit` (optional) - Subprotocol(s) to request the server use, or a [`Dispatcher`](./Dispatcher.md). +### WebSocketInit + +When passing an object as the second argument, the following options are available: + +* **protocols** `string | string[]` (optional) - Subprotocol(s) to request the server use. +* **dispatcher** `Dispatcher` (optional) - A custom [`Dispatcher`](/docs/docs/api/Dispatcher.md) to use for the connection. +* **headers** `HeadersInit` (optional) - Custom headers to include in the WebSocket handshake request. + ### Example: This example will not work in browsers or other platforms that don't allow passing an object. diff --git a/node_modules/undici/lib/core/errors.js b/node_modules/undici/lib/core/errors.js index 535c7339..20288013 100644 --- a/node_modules/undici/lib/core/errors.js +++ b/node_modules/undici/lib/core/errors.js @@ -379,6 +379,24 @@ class SecureProxyConnectionError extends UndiciError { [kSecureProxyConnectionError] = true } +const kMessageSizeExceededError = Symbol.for('undici.error.UND_ERR_WS_MESSAGE_SIZE_EXCEEDED') +class MessageSizeExceededError extends UndiciError { + constructor (message) { + super(message) + this.name = 'MessageSizeExceededError' + this.message = message || 'Max decompressed message size exceeded' + this.code = 'UND_ERR_WS_MESSAGE_SIZE_EXCEEDED' + } + + static [Symbol.hasInstance] (instance) { + return instance && instance[kMessageSizeExceededError] === true + } + + get [kMessageSizeExceededError] () { + return true + } +} + module.exports = { AbortError, HTTPParserError, @@ -402,5 +420,6 @@ module.exports = { ResponseExceededMaxSizeError, RequestRetryError, ResponseError, - SecureProxyConnectionError + SecureProxyConnectionError, + MessageSizeExceededError } diff --git a/node_modules/undici/lib/core/request.js b/node_modules/undici/lib/core/request.js index 78003038..4da60667 100644 --- a/node_modules/undici/lib/core/request.js +++ b/node_modules/undici/lib/core/request.js @@ -66,6 +66,10 @@ class Request { throw new InvalidArgumentError('upgrade must be a string') } + if (upgrade && !isValidHeaderValue(upgrade)) { + throw new InvalidArgumentError('invalid upgrade header') + } + if (headersTimeout != null && (!Number.isFinite(headersTimeout) || headersTimeout < 0)) { throw new InvalidArgumentError('invalid headersTimeout') } @@ -360,13 +364,19 @@ function processHeader (request, key, val) { val = `${val}` } - if (request.host === null && headerName === 'host') { + if (headerName === 'host') { + if (request.host !== null) { + throw new InvalidArgumentError('duplicate host header') + } if (typeof val !== 'string') { throw new InvalidArgumentError('invalid host header') } // Consumed by Client request.host = val - } else if (request.contentLength === null && headerName === 'content-length') { + } else if (headerName === 'content-length') { + if (request.contentLength !== null) { + throw new InvalidArgumentError('duplicate content-length header') + } request.contentLength = parseInt(val, 10) if (!Number.isFinite(request.contentLength)) { throw new InvalidArgumentError('invalid content-length header') diff --git a/node_modules/undici/lib/web/websocket/permessage-deflate.js b/node_modules/undici/lib/web/websocket/permessage-deflate.js index 76cb366d..1f1a1303 100644 --- a/node_modules/undici/lib/web/websocket/permessage-deflate.js +++ b/node_modules/undici/lib/web/websocket/permessage-deflate.js @@ -2,17 +2,30 @@ const { createInflateRaw, Z_DEFAULT_WINDOWBITS } = require('node:zlib') const { isValidClientWindowBits } = require('./util') +const { MessageSizeExceededError } = require('../../core/errors') const tail = Buffer.from([0x00, 0x00, 0xff, 0xff]) const kBuffer = Symbol('kBuffer') const kLength = Symbol('kLength') +// Default maximum decompressed message size: 4 MB +const kDefaultMaxDecompressedSize = 4 * 1024 * 1024 + class PerMessageDeflate { /** @type {import('node:zlib').InflateRaw} */ #inflate #options = {} + /** @type {boolean} */ + #aborted = false + + /** @type {Function|null} */ + #currentCallback = null + + /** + * @param {Map} extensions + */ constructor (extensions) { this.#options.serverNoContextTakeover = extensions.has('server_no_context_takeover') this.#options.serverMaxWindowBits = extensions.get('server_max_window_bits') @@ -24,6 +37,11 @@ class PerMessageDeflate { // payload of the message. // 2. Decompress the resulting data using DEFLATE. + if (this.#aborted) { + callback(new MessageSizeExceededError()) + return + } + if (!this.#inflate) { let windowBits = Z_DEFAULT_WINDOWBITS @@ -36,13 +54,37 @@ class PerMessageDeflate { windowBits = Number.parseInt(this.#options.serverMaxWindowBits) } - this.#inflate = createInflateRaw({ windowBits }) + try { + this.#inflate = createInflateRaw({ windowBits }) + } catch (err) { + callback(err) + return + } this.#inflate[kBuffer] = [] this.#inflate[kLength] = 0 this.#inflate.on('data', (data) => { - this.#inflate[kBuffer].push(data) + if (this.#aborted) { + return + } + this.#inflate[kLength] += data.length + + if (this.#inflate[kLength] > kDefaultMaxDecompressedSize) { + this.#aborted = true + this.#inflate.removeAllListeners() + this.#inflate.destroy() + this.#inflate = null + + if (this.#currentCallback) { + const cb = this.#currentCallback + this.#currentCallback = null + cb(new MessageSizeExceededError()) + } + return + } + + this.#inflate[kBuffer].push(data) }) this.#inflate.on('error', (err) => { @@ -51,16 +93,22 @@ class PerMessageDeflate { }) } + this.#currentCallback = callback this.#inflate.write(chunk) if (fin) { this.#inflate.write(tail) } this.#inflate.flush(() => { + if (this.#aborted || !this.#inflate) { + return + } + const full = Buffer.concat(this.#inflate[kBuffer], this.#inflate[kLength]) this.#inflate[kBuffer].length = 0 this.#inflate[kLength] = 0 + this.#currentCallback = null callback(null, full) }) diff --git a/node_modules/undici/lib/web/websocket/receiver.js b/node_modules/undici/lib/web/websocket/receiver.js index 581c2510..e7f75127 100644 --- a/node_modules/undici/lib/web/websocket/receiver.js +++ b/node_modules/undici/lib/web/websocket/receiver.js @@ -37,6 +37,10 @@ class ByteParser extends Writable { /** @type {Map} */ #extensions + /** + * @param {import('./websocket').WebSocket} ws + * @param {Map|null} extensions + */ constructor (ws, extensions) { super() @@ -179,6 +183,7 @@ class ByteParser extends Writable { const buffer = this.consume(8) const upper = buffer.readUInt32BE(0) + const lower = buffer.readUInt32BE(4) // 2^31 is the maximum bytes an arraybuffer can contain // on 32-bit systems. Although, on 64-bit systems, this is @@ -186,14 +191,12 @@ class ByteParser extends Writable { // https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Errors/Invalid_array_length // https://source.chromium.org/chromium/chromium/src/+/main:v8/src/common/globals.h;drc=1946212ac0100668f14eb9e2843bdd846e510a1e;bpv=1;bpt=1;l=1275 // https://source.chromium.org/chromium/chromium/src/+/main:v8/src/objects/js-array-buffer.h;l=34;drc=1946212ac0100668f14eb9e2843bdd846e510a1e - if (upper > 2 ** 31 - 1) { + if (upper !== 0 || lower > 2 ** 31 - 1) { failWebsocketConnection(this.ws, 'Received payload length > 2^31 bytes.') return } - const lower = buffer.readUInt32BE(4) - - this.#info.payloadLength = (upper << 8) + lower + this.#info.payloadLength = lower this.#state = parserStates.READ_DATA } else if (this.#state === parserStates.READ_DATA) { if (this.#byteOffset < this.#info.payloadLength) { @@ -223,7 +226,7 @@ class ByteParser extends Writable { } else { this.#extensions.get('permessage-deflate').decompress(body, this.#info.fin, (error, data) => { if (error) { - closeWebSocketConnection(this.ws, 1007, error.message, error.message.length) + failWebsocketConnection(this.ws, error.message) return } diff --git a/node_modules/undici/lib/web/websocket/util.js b/node_modules/undici/lib/web/websocket/util.js index e5ce7899..2a04887f 100644 --- a/node_modules/undici/lib/web/websocket/util.js +++ b/node_modules/undici/lib/web/websocket/util.js @@ -266,6 +266,12 @@ function parseExtensions (extensions) { * @param {string} value */ function isValidClientWindowBits (value) { + // Must have at least one character + if (value.length === 0) { + return false + } + + // Check all characters are ASCII digits for (let i = 0; i < value.length; i++) { const byte = value.charCodeAt(i) @@ -274,7 +280,9 @@ function isValidClientWindowBits (value) { } } - return true + // Check numeric range: zlib requires windowBits in range 8-15 + const num = Number.parseInt(value, 10) + return num >= 8 && num <= 15 } // https://nodejs.org/api/intl.html#detecting-internationalization-support diff --git a/node_modules/undici/lib/web/websocket/websocket.js b/node_modules/undici/lib/web/websocket/websocket.js index e4053024..aa2a20a4 100644 --- a/node_modules/undici/lib/web/websocket/websocket.js +++ b/node_modules/undici/lib/web/websocket/websocket.js @@ -431,7 +431,7 @@ class WebSocket extends EventTarget { * @see https://websockets.spec.whatwg.org/#feedback-from-the-protocol */ #onConnectionEstablished (response, parsedExtensions) { - // processResponse is called when the "response’s header list has been received and initialized." + // processResponse is called when the "response's header list has been received and initialized." // once this happens, the connection is open this[kResponse] = response diff --git a/node_modules/undici/package.json b/node_modules/undici/package.json index 291ed14b..0c57391e 100644 --- a/node_modules/undici/package.json +++ b/node_modules/undici/package.json @@ -1,6 +1,6 @@ { "name": "undici", - "version": "6.23.0", + "version": "6.24.1", "description": "An HTTP/1.1 client, written from scratch for Node.js", "homepage": "https://undici.nodejs.org", "bugs": { @@ -107,6 +107,7 @@ "devDependencies": { "@fastify/busboy": "2.1.1", "@matteo.collina/tspl": "^0.1.1", + "@metcoder95/https-pem": "^1.0.0", "@sinonjs/fake-timers": "^11.1.0", "@types/node": "~18.19.50", "abort-controller": "^3.0.0", @@ -117,7 +118,6 @@ "fast-check": "^3.17.1", "form-data": "^4.0.0", "formdata-node": "^6.0.3", - "https-pem": "^3.0.0", "husky": "^9.0.7", "jest": "^29.0.2", "jsdom": "^24.0.0", diff --git a/node_modules/undici/types/errors.d.ts b/node_modules/undici/types/errors.d.ts index f6fb73b5..65498842 100644 --- a/node_modules/undici/types/errors.d.ts +++ b/node_modules/undici/types/errors.d.ts @@ -146,4 +146,10 @@ declare namespace Errors { name: 'SecureProxyConnectionError'; code: 'UND_ERR_PRX_TLS'; } + + /** WebSocket decompressed message exceeded maximum size. */ + export class MessageSizeExceededError extends UndiciError { + name: 'MessageSizeExceededError' + code: 'UND_ERR_WS_MESSAGE_SIZE_EXCEEDED' + } }