GCC Code Coverage Report
Directory: ../ Exec Total Coverage
File: /home/iojs/build/workspace/node-test-commit-linux-coverage-daily/nodes/benchmark/out/../src/node_revert.h Lines: 7 14 50.0 %
Date: 2019-08-17 22:35:23 Branches: 4 13 30.8 %

Line Branch Exec Source
1
#ifndef SRC_NODE_REVERT_H_
2
#define SRC_NODE_REVERT_H_
3
4
#if defined(NODE_WANT_INTERNALS) && NODE_WANT_INTERNALS
5
6
#include "node.h"
7
8
/**
9
 * Note that it is expected for this list to vary across specific LTS and
10
 * Stable versions! Only CVE's whose fixes require *breaking* changes within
11
 * a given LTS or Stable may be added to this list, and only with TSC
12
 * consensus.
13
 *
14
 * For *master* this list should always be empty!
15
 **/
16
namespace node {
17
18
#define SECURITY_REVERSIONS(XX)                                            \
19
  XX(CVE_2019_9512, "CVE-2019-9512", "HTTP/2 Ping/Settings Flood")         \
20
  XX(CVE_2019_9514, "CVE-2019-9514", "HTTP/2 Reset Flood")                 \
21
  XX(CVE_2019_9516, "CVE-2019-9516", "HTTP/2 0-Length Headers Leak")       \
22
  XX(CVE_2019_9518, "CVE-2019-9518", "HTTP/2 Empty DATA Frame Flooding")   \
23
//  XX(CVE_2016_PEND, "CVE-2016-PEND", "Vulnerability Title")
24
  // TODO(addaleax): Remove all of the above before Node.js 13 as the comment
25
  // at the start of the file indicates.
26
27
enum reversion {
28
#define V(code, ...) SECURITY_REVERT_##code,
29
  SECURITY_REVERSIONS(V)
30
#undef V
31
};
32
33
namespace per_process {
34
extern unsigned int reverted_cve;
35
}
36
37
inline const char* RevertMessage(const reversion cve) {
38
#define V(code, label, msg) case SECURITY_REVERT_##code: return label ": " msg;
39
  switch (cve) {
40
    SECURITY_REVERSIONS(V)
41
    default:
42
      return "Unknown";
43
  }
44
#undef V
45
}
46
47
inline void Revert(const reversion cve) {
48
  per_process::reverted_cve |= 1 << cve;
49
  printf("SECURITY WARNING: Reverting %s\n", RevertMessage(cve));
50
}
51
52
1
inline void Revert(const char* cve, std::string* error) {
53
#define V(code, label, _)                                                     \
54
  if (strcmp(cve, label) == 0) return Revert(SECURITY_REVERT_##code);
55


1
  SECURITY_REVERSIONS(V)
56
#undef V
57
1
  *error = "Error: Attempt to revert an unknown CVE [";
58
1
  *error += cve;
59
1
  *error += ']';
60
}
61
62
21183
inline bool IsReverted(const reversion cve) {
63
21183
  return per_process::reverted_cve & (1 << cve);
64
}
65
66
inline bool IsReverted(const char* cve) {
67
#define V(code, label, _)                                                     \
68
  if (strcmp(cve, label) == 0) return IsReverted(SECURITY_REVERT_##code);
69
  SECURITY_REVERSIONS(V)
70
  return false;
71
#undef V
72
}
73
74
}  // namespace node
75
76
#endif  // defined(NODE_WANT_INTERNALS) && NODE_WANT_INTERNALS
77
78
#endif  // SRC_NODE_REVERT_H_