node-api: fix immediate napi_remove_wrap test #45406
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
As documented in napi_wrap section, the returned reference must be deleted with `napi_delete_reference` in response to the finalize callback, in which `napi_unwrap` and `napi_remove_wrap` is not available. When the reference needs to be deleted early, it should be deleted after the wrapped value is not accessed with `napi_unwrap` and `napi_remove_wrap` too. This test is previously added in response to duplicating the test https://github.com/nodejs/node-addon-api/blob/main/test/objectwrap_constructor_exception.cc in the node-addon-api. As Napi::ObjectWrap<> is a subclass of Napi::Reference<>, napi_remove_wrap in the destructor of Napi::ObjectWrap<> is called before napi_delete_reference in the destructor of Napi::Reference<>.
nodejs-github-bot
added
needs-ci
cjihrig
approved these changes
Nov 10, 2022
github-actions
bot
removed
the
request-ci
legendecas
added
the
commit-queue
nodejs-github-bot
removed
the
commit-queue
|
Landed in 926c830 |
ruyadorno
pushed a commit
that referenced
this pull request
Nov 21, 2022
As documented in napi_wrap section, the returned reference must be deleted with `napi_delete_reference` in response to the finalize callback, in which `napi_unwrap` and `napi_remove_wrap` is not available. When the reference needs to be deleted early, it should be deleted after the wrapped value is not accessed with `napi_unwrap` and `napi_remove_wrap` too. This test is previously added in response to duplicating the test https://github.com/nodejs/node-addon-api/blob/main/test/objectwrap_constructor_exception.cc in the node-addon-api. As Napi::ObjectWrap<> is a subclass of Napi::Reference<>, napi_remove_wrap in the destructor of Napi::ObjectWrap<> is called before napi_delete_reference in the destructor of Napi::Reference<>. PR-URL: #45406 Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Michael Dawson <[email protected]>
marco-ippolito
pushed a commit
to marco-ippolito/node
that referenced
this pull request
Nov 23, 2022
As documented in napi_wrap section, the returned reference must be deleted with `napi_delete_reference` in response to the finalize callback, in which `napi_unwrap` and `napi_remove_wrap` is not available. When the reference needs to be deleted early, it should be deleted after the wrapped value is not accessed with `napi_unwrap` and `napi_remove_wrap` too. This test is previously added in response to duplicating the test https://github.com/nodejs/node-addon-api/blob/main/test/objectwrap_constructor_exception.cc in the node-addon-api. As Napi::ObjectWrap<> is a subclass of Napi::Reference<>, napi_remove_wrap in the destructor of Napi::ObjectWrap<> is called before napi_delete_reference in the destructor of Napi::Reference<>. PR-URL: nodejs#45406 Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Michael Dawson <[email protected]>
Merged
danielleadams
pushed a commit
that referenced
this pull request
Dec 30, 2022
As documented in napi_wrap section, the returned reference must be deleted with `napi_delete_reference` in response to the finalize callback, in which `napi_unwrap` and `napi_remove_wrap` is not available. When the reference needs to be deleted early, it should be deleted after the wrapped value is not accessed with `napi_unwrap` and `napi_remove_wrap` too. This test is previously added in response to duplicating the test https://github.com/nodejs/node-addon-api/blob/main/test/objectwrap_constructor_exception.cc in the node-addon-api. As Napi::ObjectWrap<> is a subclass of Napi::Reference<>, napi_remove_wrap in the destructor of Napi::ObjectWrap<> is called before napi_delete_reference in the destructor of Napi::Reference<>. PR-URL: #45406 Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Michael Dawson <[email protected]>
danielleadams
pushed a commit
that referenced
this pull request
Dec 30, 2022
As documented in napi_wrap section, the returned reference must be deleted with `napi_delete_reference` in response to the finalize callback, in which `napi_unwrap` and `napi_remove_wrap` is not available. When the reference needs to be deleted early, it should be deleted after the wrapped value is not accessed with `napi_unwrap` and `napi_remove_wrap` too. This test is previously added in response to duplicating the test https://github.com/nodejs/node-addon-api/blob/main/test/objectwrap_constructor_exception.cc in the node-addon-api. As Napi::ObjectWrap<> is a subclass of Napi::Reference<>, napi_remove_wrap in the destructor of Napi::ObjectWrap<> is called before napi_delete_reference in the destructor of Napi::Reference<>. PR-URL: #45406 Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Michael Dawson <[email protected]>
danielleadams
pushed a commit
that referenced
this pull request
Jan 3, 2023
As documented in napi_wrap section, the returned reference must be deleted with `napi_delete_reference` in response to the finalize callback, in which `napi_unwrap` and `napi_remove_wrap` is not available. When the reference needs to be deleted early, it should be deleted after the wrapped value is not accessed with `napi_unwrap` and `napi_remove_wrap` too. This test is previously added in response to duplicating the test https://github.com/nodejs/node-addon-api/blob/main/test/objectwrap_constructor_exception.cc in the node-addon-api. As Napi::ObjectWrap<> is a subclass of Napi::Reference<>, napi_remove_wrap in the destructor of Napi::ObjectWrap<> is called before napi_delete_reference in the destructor of Napi::Reference<>. PR-URL: #45406 Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Michael Dawson <[email protected]>
danielleadams
pushed a commit
that referenced
this pull request
Jan 4, 2023
As documented in napi_wrap section, the returned reference must be deleted with `napi_delete_reference` in response to the finalize callback, in which `napi_unwrap` and `napi_remove_wrap` is not available. When the reference needs to be deleted early, it should be deleted after the wrapped value is not accessed with `napi_unwrap` and `napi_remove_wrap` too. This test is previously added in response to duplicating the test https://github.com/nodejs/node-addon-api/blob/main/test/objectwrap_constructor_exception.cc in the node-addon-api. As Napi::ObjectWrap<> is a subclass of Napi::Reference<>, napi_remove_wrap in the destructor of Napi::ObjectWrap<> is called before napi_delete_reference in the destructor of Napi::Reference<>. PR-URL: #45406 Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Michael Dawson <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
As documented in napi_wrap section, the returned reference must be
deleted with
napi_delete_referencein response to the finalizecallback, in which
napi_unwrapandnapi_remove_wrapis notavailable.
When the reference needs to be deleted early, it should be
deleted after the wrapped value is not accessed with
napi_unwrapand
napi_remove_wraptoo.This test is previously added in response to duplicating the test
https://github.com/nodejs/node-addon-api/blob/main/test/objectwrap_constructor_exception.cc
in the node-addon-api. As Napi::ObjectWrap<> is a subclass of
Napi::Reference<>, napi_remove_wrap in the destructor of
Napi::ObjectWrap<> is called before napi_delete_reference in the
destructor of Napi::Reference<>.
This fix is intended to fix the use-after-free problem in #44141.