URLHost not robust when re-setting its value

* **Version**: master
* **Platform**: all
* **Subsystem**: url, src

Currently, the `SetOpaque()` and `SetDomain()` methods of `URLHost` class in `node_url.cc` always overwrite the existing string in `value_` without disposing of the original value in that union.

https://github.com/nodejs/node/blob/a3555d0583452bec05e339bf2872cbb4e38236c9/src/node_url.cc#L95-L112

This could cause a memory leak when these two methods are used on an instance of the class on which one of these two methods has already been called.

Right now that never happens because of the way the URL parsing state machine is designed, but ideally these two methods should first call `this->~URLHost()` to free any memory already allocated before reinitializing the `value` through the `new` placement.

	// Setting the string members of the union with = is brittle because
	// it relies on them being initialized to a state that requires no
	// destruction of old data.
	// For a long time, that worked well enough because ParseIPv6Host() happens
	// to zero-fill `value_`, but that really is relying on standard library
	// internals too much.
	// These helpers are the easiest solution but we might want to consider
	// just not forcing strings into an union.
	inline void SetOpaque(std::string&& string) {
	type_ = HostType::H_OPAQUE;
	new(&value_.opaque) std::string(std::move(string));
	}

	inline void SetDomain(std::string&& string) {
	type_ = HostType::H_DOMAIN;
	new(&value_.domain) std::string(std::move(string));
	}
	};

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

URLHost not robust when re-setting its value #18302

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Uh oh!

URLHost not robust when re-setting its value #18302

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions