Skip to content

Comments

fix(napi): validate status before copying in ArrayBuffer ToNapiValue fallback#3079

Merged
graphite-app[bot] merged 1 commit intomainfrom
bisect/arraybuffer-struct
Dec 30, 2025
Merged

fix(napi): validate status before copying in ArrayBuffer ToNapiValue fallback#3079
graphite-app[bot] merged 1 commit intomainfrom
bisect/arraybuffer-struct

Conversation

@Brooooooklyn
Copy link
Member

@Brooooooklyn Brooooooklyn commented Dec 30, 2025

Note

Improves ArrayBuffer creation fallbacks and error handling when external buffers aren’t allowed.

  • In ArrayBuffer::from_data, validate napi_create_arraybuffer status before copying and guard copies behind len > 0
  • In ArrayBuffer::from_external, copy only on napi_ok, always call finalize, and check status in both branches; minor control-flow cleanup
  • Similar status checks and guarded copies applied across typed array paths that construct ArrayBuffers

Written by Cursor Bugbot for commit 6752c3e. This will update automatically on new commits. Configure here.

Summary by CodeRabbit

  • Bug Fixes
    • Improved error handling and validation for ArrayBuffer operations, including more robust status checking during buffer creation and data copying processes.
    • Enhanced handling of external buffer restrictions to ensure data is transferred and finalized in the correct order.
    • Fixed potential issues with zero-length buffer handling by adding conditional logic to avoid unnecessary operations.

✏️ Tip: You can customize this high-level summary in your review settings.

Copilot AI review requested due to automatic review settings December 30, 2025 03:19
@coderabbitai
Copy link

coderabbitai bot commented Dec 30, 2025

Note

Other AI code review bot(s) detected

CodeRabbit has detected other AI code review bot(s) in this pull request and will avoid duplicating their findings in the review comments. This may lead to a less comprehensive review.

📝 Walkthrough

Walkthrough

Changes to ArrayBuffer creation methods in NAPI bindings improve error handling and refine buffer lifecycle management. Enhanced status checking is introduced in from_data with conditional data copying for non-zero-length buffers. The from_external method is modified to copy data before finalizing and to validate the result with more descriptive error messages.

Changes

Cohort / File(s) Change Summary
ArrayBuffer Error Handling & Lifecycle Management
crates/napi/src/bindgen_runtime/js_values/arraybuffer.rs
Enhanced error handling in from_data with check_status! validation; conditional copy_from_slice guarded by len > 0 check. Modified from_external to reorder data copying before finalize invocation, ensure finalize is called unconditionally, and validate final status with explicit error checking in the no-external-buffers path.

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~40 minutes

Poem

🐰 With buffers in hand and finalize in place,
Each copy and error now finds its grace,
Lifecycle refined with checks all around,
Status validated—safety is found,
NAPI flows smoother, not a glitch to be bound! 🎉

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title accurately describes the main change: adding status validation before copying in ArrayBuffer's ToNapiValue fallback path, which aligns with the core objective of improving error handling and ensuring safe buffer operations.
Docstring Coverage ✅ Passed Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.
✨ Finishing touches
  • 📝 Generate docstrings

📜 Recent review details

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between e55bc34 and c541fee.

📒 Files selected for processing (1)
  • crates/napi/src/bindgen_runtime/js_values/arraybuffer.rs
🧰 Additional context used
🧠 Learnings (2)
📚 Learning: 2025-11-25T09:31:23.877Z
Learnt from: CR
Repo: napi-rs/napi-rs PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-11-25T09:31:23.877Z
Learning: Applies to /crates/**/*.rs : Use `#[napi]` attribute on impl blocks to define classes exported to JavaScript/TypeScript

Applied to files:

  • crates/napi/src/bindgen_runtime/js_values/arraybuffer.rs
📚 Learning: 2025-11-25T09:31:23.877Z
Learnt from: CR
Repo: napi-rs/napi-rs PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-11-25T09:31:23.877Z
Learning: Applies to /crates/**/*.rs : Use `#[napi(js_name = "...")]` attribute to rename Rust items in JavaScript/TypeScript

Applied to files:

  • crates/napi/src/bindgen_runtime/js_values/arraybuffer.rs
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (40)
  • GitHub Check: x86_64-unknown-linux-gnu - node@20 - toolchain@ stable
  • GitHub Check: i686-pc-windows-msvc - node@22 - toolchain@ stable
  • GitHub Check: aarch64-apple-darwin - node@22 - toolchain@ stable
  • GitHub Check: aarch64-apple-darwin - node@24 - toolchain@ stable
  • GitHub Check: x86_64-unknown-linux-gnu - node@24 - toolchain@ 1.88.0
  • GitHub Check: x86_64-unknown-linux-gnu - node@24 - toolchain@ stable
  • GitHub Check: Build only test - armv7-linux-androideabi
  • GitHub Check: x86_64-pc-windows-msvc - node@20 - toolchain@ stable
  • GitHub Check: x86_64-unknown-linux-gnu - node@22 - toolchain@ 1.88.0
  • GitHub Check: aarch64-apple-darwin - node@20 - toolchain@ stable
  • GitHub Check: aarch64-pc-windows-msvc - node@24 - toolchain@ stable
  • GitHub Check: x86_64-unknown-linux-gnu - node@22 - toolchain@ stable
  • GitHub Check: aarch64-pc-windows-msvc - node@22 - toolchain@ stable
  • GitHub Check: x86_64-pc-windows-msvc - node@22 - toolchain@ stable
  • GitHub Check: i686-pc-windows-msvc - node@24 - toolchain@ stable
  • GitHub Check: x86_64-pc-windows-msvc - node@24 - toolchain@ stable
  • GitHub Check: Build only test - aarch64-unknown-linux-ohos
  • GitHub Check: Build only test - aarch64-linux-android
  • GitHub Check: Build only test - riscv64gc-unknown-linux-gnu
  • GitHub Check: Test node wasi target
  • GitHub Check: build - s390x-unknown-linux-gnu
  • GitHub Check: Build only test - loongarch64-unknown-linux-gnu
  • GitHub Check: build - x86_64-unknown-linux-gnu
  • GitHub Check: build - powerpc64le-unknown-linux-gnu
  • GitHub Check: build - aarch64-unknown-linux-gnu
  • GitHub Check: Test node wasi target (--cfg tokio_unstable)
  • GitHub Check: ASAN - ubuntu-24.04
  • GitHub Check: build - x86_64-unknown-linux-musl
  • GitHub Check: build-and-test-msys2 (UCRT64)
  • GitHub Check: stable - armv7-unknown-linux-gnueabihf - node@22
  • GitHub Check: ASAN - windows-latest
  • GitHub Check: Test freebsd target
  • GitHub Check: build-and-test-msys2 (CLANG64)
  • GitHub Check: build - aarch64-unknown-linux-musl
  • GitHub Check: build-and-test-msys2 (MINGW64)
  • GitHub Check: Memory leak detect job
  • GitHub Check: Zig-Cross-Compile-On-Linux (aarch64-apple-darwin)
  • GitHub Check: Zig-Cross-Compile-On-Linux (aarch64-unknown-linux-musl)
  • GitHub Check: Zig-Cross-Compile-On-Linux (armv7-unknown-linux-musleabihf)
  • GitHub Check: Zig-Cross-Compile-On-Linux (x86_64-unknown-linux-musl)
🔇 Additional comments (1)
crates/napi/src/bindgen_runtime/js_values/arraybuffer.rs (1)

181-191: LGTM! Proper status validation and guarded copy.

The changes correctly:

  1. Validate the arraybuffer creation status before attempting to copy data (line 181)
  2. Guard the copy operation behind len > 0 to avoid creating slices from potentially null pointers (lines 182-186)
  3. Check the status in the success path as well (line 189)

This prevents undefined behavior when napi_create_arraybuffer fails or returns a null data pointer for zero-length buffers.


Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

Copy link

@chatgpt-codex-connector chatgpt-codex-connector bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

@Brooooooklyn Brooooooklyn changed the base branch from main to graphite-base/3079 December 30, 2025 03:29
@Brooooooklyn Brooooooklyn changed the base branch from graphite-base/3079 to bisect/env-changes December 30, 2025 03:30
Copy link
Member Author

Brooooooklyn commented Dec 30, 2025


How to use the Graphite Merge Queue

Add either label to this PR to merge it via the merge queue:

  • ready-to-merge - adds this PR to the back of the merge queue
  • hotfix - for urgent hot fixes, skip the queue and merge this PR next

You must have a Graphite account in order to use the merge queue. Sign up using this link.

An organization admin has enabled the Graphite Merge Queue in this repository.

Please do not merge from GitHub as this will restart CI on PRs being processed by the merge queue.

This stack of pull requests is managed by Graphite. Learn more about stacking.

Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR improves ArrayBuffer creation safety and WASM compatibility by adding defensive checks and platform-specific configuration.

  • Adds length > 0 guards before memory copy operations to prevent undefined behavior
  • Restructures error handling to check buffer creation status before attempting copies
  • Ensures finalize callbacks are always invoked for proper resource cleanup, even on errors
  • Adds WASM target exclusion to thread-local buffer tracking

Reviewed changes

Copilot reviewed 1 out of 1 changed files in this pull request and generated no comments.

File Description
crates/napi/src/env.rs Enhanced error handling in ArrayBuffer creation methods with early status checks and length guards before copy operations; ensures finalize callbacks are called for proper cleanup
crates/napi/src/bindgen_runtime/js_values/buffer.rs Added WASM exclusion to cfg attribute for thread-local BUFFER_DATA
crates/napi/src/bindgen_runtime/js_values/arraybuffer.rs Applied consistent safety improvements across ArrayBuffer methods with length guards and status checks; added WASM exclusion to all buffer tracking cfg attributes

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@Brooooooklyn Brooooooklyn force-pushed the bisect/arraybuffer-struct branch from 13f1fe1 to 512153f Compare December 30, 2025 03:36
@Brooooooklyn Brooooooklyn force-pushed the bisect/arraybuffer-struct branch from 512153f to 72668eb Compare December 30, 2025 03:40
@Brooooooklyn Brooooooklyn changed the title Bisect/arraybuffer struct fix(napi): validate status before copying in ArrayBuffer ToNapiValue fallback Dec 30, 2025
@Brooooooklyn Brooooooklyn changed the base branch from bisect/env-changes to graphite-base/3079 December 30, 2025 04:17
@Brooooooklyn Brooooooklyn force-pushed the bisect/arraybuffer-struct branch from 72668eb to 9945379 Compare December 30, 2025 04:17
@Brooooooklyn Brooooooklyn changed the base branch from graphite-base/3079 to bisect/cfg-only December 30, 2025 04:17
@graphite-app graphite-app bot changed the base branch from bisect/cfg-only to graphite-base/3079 December 30, 2025 04:41
@Brooooooklyn Brooooooklyn force-pushed the bisect/arraybuffer-struct branch from 9945379 to 6752c3e Compare December 30, 2025 04:58
@Brooooooklyn Brooooooklyn changed the base branch from graphite-base/3079 to main December 30, 2025 04:59
@graphite-app
Copy link

graphite-app bot commented Dec 30, 2025

Merge activity

…fallback (#3079)

<!-- CURSOR_SUMMARY -->
> [!NOTE]
> Improves ArrayBuffer creation fallbacks and error handling when external buffers aren’t allowed.
>
> - In `ArrayBuffer::from_data`, validate `napi_create_arraybuffer` status before copying and guard copies behind `len > 0`
> - In `ArrayBuffer::from_external`, copy only on `napi_ok`, always call finalize, and check status in both branches; minor control-flow cleanup
> - Similar status checks and guarded copies applied across typed array paths that construct ArrayBuffers
>
> <sup>Written by [Cursor Bugbot](https://cursor.com/dashboard?tab=bugbot) for commit 6752c3e. This will update automatically on new commits. Configure [here](https://cursor.com/dashboard?tab=bugbot).</sup>
<!-- /CURSOR_SUMMARY -->
@graphite-app graphite-app bot force-pushed the bisect/arraybuffer-struct branch from 6752c3e to c541fee Compare December 30, 2025 05:25
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 0

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (6)
crates/napi/src/bindgen_runtime/js_values/arraybuffer.rs (6)

257-285: Potential use-after-free: data slice returned after finalize may have freed the source.

In the fallback path (lines 257-269), after finalize(*env, hint) is called (line 268), the function continues and returns an ArrayBuffer on line 283 with:

data: unsafe { std::slice::from_raw_parts(data.cast(), len) }

However, finalize is a user-provided callback that likely frees the original data pointer. The returned ArrayBuffer would then contain a dangling pointer.

In the fallback path, the data was copied to underlying_data (line 265), so the returned slice should reference underlying_data, not the original data.

🔎 Proposed fix

The fix requires tracking whether we're in the fallback path and using the correct pointer:

   if status == sys::Status::napi_no_external_buffers_allowed {
     let (hint, finalize) = *Box::from_raw(hint_ptr);
     let mut underlying_data = ptr::null_mut();
     status = unsafe {
       sys::napi_create_arraybuffer(env.0, len, &mut underlying_data, &mut arraybuffer_value)
     };
     // Copy data before calling finalize, since finalize may free the source data
     if status == sys::Status::napi_ok && len > 0 {
       unsafe { std::ptr::copy_nonoverlapping(data.cast(), underlying_data, len) };
     }
     // Always call finalize to clean up caller's resources, even on error
     finalize(*env, hint);
     check_status!(status, "Failed to create arraybuffer from data")?;
+    return Ok(Self {
+      value: Value {
+        env: env.0,
+        value: arraybuffer_value,
+        value_type: ValueType::Object,
+      },
+      data: if len == 0 {
+        &[]
+      } else {
+        unsafe { std::slice::from_raw_parts(underlying_data.cast(), len) }
+      },
+    });
   } else {
     check_status!(status, "Failed to create arraybuffer from data")?;
   }

   Ok(Self {
     value: Value {
       env: env.0,
       value: arraybuffer_value,
       value_type: ValueType::Object,
     },
     data: if len == 0 {
       &[]
     } else {
       unsafe { std::slice::from_raw_parts(data.cast(), len) }
     },
   })

767-782: Missing status validation and length guard in impl_typed_array! macro fallback.

The ArrayBuffer::from_data and ArrayBuffer::from_external methods were updated to validate status before copying and guard copies with len > 0. However, the impl_typed_array! macro (used for Uint8Array, Int32Array, etc.) still performs an unconditional copy at line 778:

unsafe { std::ptr::copy_nonoverlapping(hint.data.cast(), underlying_data, length) };

This doesn't check if napi_create_arraybuffer succeeded before copying, and doesn't guard against zero-length buffers. Per the PR objective to "apply similar status checks and guarded copies across typed array paths", this should be consistent.

🔎 Proposed fix
             if status == napi_sys::Status::napi_no_external_buffers_allowed {
               let hint = unsafe { Box::from_raw(hint_ptr) };
               let mut underlying_data = ptr::null_mut();
               let status = unsafe {
                 sys::napi_create_arraybuffer(
                   env,
                   length,
                   &mut underlying_data,
                   &mut arraybuffer_value,
                 )
               };
-              unsafe { std::ptr::copy_nonoverlapping(hint.data.cast(), underlying_data, length) };
-              status
+              if status == sys::Status::napi_ok && length > 0 {
+                unsafe { std::ptr::copy_nonoverlapping(hint.data.cast(), underlying_data, length) };
+              }
+              status
             } else {
               status
             }

1053-1071: Missing status validation in impl_from_slice! macro's from_external.

Similar to the impl_typed_array! macro, the impl_from_slice! macro's from_external method at lines 1064-1066 copies data unconditionally:

let underlying_slice: &mut [u8] =
  unsafe { std::slice::from_raw_parts_mut(underlying_data.cast(), array_buffer_len) };
underlying_slice.copy_from_slice(unsafe { std::slice::from_raw_parts(data.cast(), array_buffer_len) });

This doesn't validate that napi_create_arraybuffer succeeded before dereferencing underlying_data, which could be null or invalid if the call failed.

🔎 Proposed fix
         status = if status == sys::Status::napi_no_external_buffers_allowed {
           let (hint, finalize) = *Box::from_raw(hint_ptr);
           let mut underlying_data = ptr::null_mut();
           let status = unsafe {
             sys::napi_create_arraybuffer(
               env.0,
               array_buffer_len,
               &mut underlying_data,
               &mut arraybuffer_value,
             )
           };
-          let underlying_slice: &mut [u8] =
-            unsafe { std::slice::from_raw_parts_mut(underlying_data.cast(), array_buffer_len) };
-          underlying_slice.copy_from_slice(unsafe { std::slice::from_raw_parts(data.cast(), array_buffer_len) });
+          if status == sys::Status::napi_ok && array_buffer_len > 0 {
+            let underlying_slice: &mut [u8] =
+              unsafe { std::slice::from_raw_parts_mut(underlying_data.cast(), array_buffer_len) };
+            underlying_slice.copy_from_slice(unsafe { std::slice::from_raw_parts(data.cast(), array_buffer_len) });
+          }
           finalize(*env, hint);
           status
         } else {
           status
         };

1667-1680: Missing status validation before copy in Uint8ClampedSlice::from_data.

At lines 1673-1675, data is copied unconditionally:

let underlying_slice: &mut [u8] =
  unsafe { std::slice::from_raw_parts_mut(underlying_data.cast(), len) };
underlying_slice.copy_from_slice(data.as_slice());

The status check on line 1680 happens after this copy. If napi_create_arraybuffer fails, underlying_data may be null or invalid, leading to undefined behavior.

🔎 Proposed fix
       let mut underlying_data = ptr::null_mut();
       status = unsafe { sys::napi_create_arraybuffer(env.0, len, &mut underlying_data, &mut buf) };
-      let underlying_slice: &mut [u8] =
-        unsafe { std::slice::from_raw_parts_mut(underlying_data.cast(), len) };
-      underlying_slice.copy_from_slice(data.as_slice());
+      if status == napi_sys::Status::napi_ok && len > 0 {
+        let underlying_slice: &mut [u8] =
+          unsafe { std::slice::from_raw_parts_mut(underlying_data.cast(), len) };
+        underlying_slice.copy_from_slice(data.as_slice());
+      }
       inner_ptr = underlying_data.cast();
     } else {
       mem::forget(data);
     }
     check_status!(status, "Failed to create buffer slice from data")?;

1763-1777: Missing status validation before copy in Uint8ClampedSlice::from_external.

Same issue as from_data - the copy at lines 1769-1771 occurs before the status check at line 1777.

🔎 Proposed fix
     status = if status == sys::Status::napi_no_external_buffers_allowed {
       let (hint, finalize) = *Box::from_raw(hint_ptr);
       let mut underlying_data = ptr::null_mut();
       let status = unsafe {
         sys::napi_create_arraybuffer(env.0, len, &mut underlying_data, &mut arraybuffer_value)
       };
-      let underlying_slice: &mut [u8] =
-        unsafe { std::slice::from_raw_parts_mut(underlying_data.cast(), len) };
-      underlying_slice.copy_from_slice(unsafe { std::slice::from_raw_parts(data, len) });
+      if status == sys::Status::napi_ok && len > 0 {
+        let underlying_slice: &mut [u8] =
+          unsafe { std::slice::from_raw_parts_mut(underlying_data.cast(), len) };
+        underlying_slice.copy_from_slice(unsafe { std::slice::from_raw_parts(data, len) });
+      }
       finalize(*env, hint);
       status
     } else {
       status
     };

949-969: Missing status validation before copy in impl_from_slice! macro's from_data.

At lines 962-964, data is copied unconditionally after napi_create_arraybuffer:

let underlying_slice: &mut [u8] =
  unsafe { std::slice::from_raw_parts_mut(underlying_data.cast(), data.len()) };
underlying_slice.copy_from_slice(unsafe { core::slice::from_raw_parts(inner_ptr.cast(), array_buffer_len) });

The status check on line 969 happens after this copy.

🔎 Proposed fix
         if status == napi_sys::Status::napi_no_external_buffers_allowed {
           unsafe {
             let _ = Box::from_raw(finalize_hint);
           }
           let mut underlying_data = ptr::null_mut();
           status = unsafe {
             sys::napi_create_arraybuffer(
               env.0,
               array_buffer_len,
               &mut underlying_data,
               &mut buf,
             )
           };
-          let underlying_slice: &mut [u8] =
-            unsafe { std::slice::from_raw_parts_mut(underlying_data.cast(), data.len()) };
-          underlying_slice.copy_from_slice(unsafe { core::slice::from_raw_parts(inner_ptr.cast(), array_buffer_len) });
+          if status == napi_sys::Status::napi_ok && array_buffer_len > 0 {
+            let underlying_slice: &mut [u8] =
+              unsafe { std::slice::from_raw_parts_mut(underlying_data.cast(), array_buffer_len) };
+            underlying_slice.copy_from_slice(unsafe { core::slice::from_raw_parts(inner_ptr.cast(), array_buffer_len) });
+          }
           inner_ptr = underlying_data.cast();
         } else {
           mem::forget(data);
         }
📜 Review details

Configuration used: defaults

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between e55bc34 and c541fee.

📒 Files selected for processing (1)
  • crates/napi/src/bindgen_runtime/js_values/arraybuffer.rs
🧰 Additional context used
🧠 Learnings (2)
📚 Learning: 2025-11-25T09:31:23.877Z
Learnt from: CR
Repo: napi-rs/napi-rs PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-11-25T09:31:23.877Z
Learning: Applies to /crates/**/*.rs : Use `#[napi]` attribute on impl blocks to define classes exported to JavaScript/TypeScript

Applied to files:

  • crates/napi/src/bindgen_runtime/js_values/arraybuffer.rs
📚 Learning: 2025-11-25T09:31:23.877Z
Learnt from: CR
Repo: napi-rs/napi-rs PR: 0
File: CLAUDE.md:0-0
Timestamp: 2025-11-25T09:31:23.877Z
Learning: Applies to /crates/**/*.rs : Use `#[napi(js_name = "...")]` attribute to rename Rust items in JavaScript/TypeScript

Applied to files:

  • crates/napi/src/bindgen_runtime/js_values/arraybuffer.rs
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (40)
  • GitHub Check: x86_64-unknown-linux-gnu - node@20 - toolchain@ stable
  • GitHub Check: i686-pc-windows-msvc - node@22 - toolchain@ stable
  • GitHub Check: aarch64-apple-darwin - node@22 - toolchain@ stable
  • GitHub Check: aarch64-apple-darwin - node@24 - toolchain@ stable
  • GitHub Check: x86_64-unknown-linux-gnu - node@24 - toolchain@ 1.88.0
  • GitHub Check: x86_64-unknown-linux-gnu - node@24 - toolchain@ stable
  • GitHub Check: Build only test - armv7-linux-androideabi
  • GitHub Check: x86_64-pc-windows-msvc - node@20 - toolchain@ stable
  • GitHub Check: x86_64-unknown-linux-gnu - node@22 - toolchain@ 1.88.0
  • GitHub Check: aarch64-apple-darwin - node@20 - toolchain@ stable
  • GitHub Check: aarch64-pc-windows-msvc - node@24 - toolchain@ stable
  • GitHub Check: x86_64-unknown-linux-gnu - node@22 - toolchain@ stable
  • GitHub Check: aarch64-pc-windows-msvc - node@22 - toolchain@ stable
  • GitHub Check: x86_64-pc-windows-msvc - node@22 - toolchain@ stable
  • GitHub Check: i686-pc-windows-msvc - node@24 - toolchain@ stable
  • GitHub Check: x86_64-pc-windows-msvc - node@24 - toolchain@ stable
  • GitHub Check: Build only test - aarch64-unknown-linux-ohos
  • GitHub Check: Build only test - aarch64-linux-android
  • GitHub Check: Build only test - riscv64gc-unknown-linux-gnu
  • GitHub Check: Test node wasi target
  • GitHub Check: build - s390x-unknown-linux-gnu
  • GitHub Check: Build only test - loongarch64-unknown-linux-gnu
  • GitHub Check: build - x86_64-unknown-linux-gnu
  • GitHub Check: build - powerpc64le-unknown-linux-gnu
  • GitHub Check: build - aarch64-unknown-linux-gnu
  • GitHub Check: Test node wasi target (--cfg tokio_unstable)
  • GitHub Check: ASAN - ubuntu-24.04
  • GitHub Check: build - x86_64-unknown-linux-musl
  • GitHub Check: build-and-test-msys2 (UCRT64)
  • GitHub Check: stable - armv7-unknown-linux-gnueabihf - node@22
  • GitHub Check: ASAN - windows-latest
  • GitHub Check: Test freebsd target
  • GitHub Check: build-and-test-msys2 (CLANG64)
  • GitHub Check: build - aarch64-unknown-linux-musl
  • GitHub Check: build-and-test-msys2 (MINGW64)
  • GitHub Check: Memory leak detect job
  • GitHub Check: Zig-Cross-Compile-On-Linux (aarch64-apple-darwin)
  • GitHub Check: Zig-Cross-Compile-On-Linux (aarch64-unknown-linux-musl)
  • GitHub Check: Zig-Cross-Compile-On-Linux (armv7-unknown-linux-musleabihf)
  • GitHub Check: Zig-Cross-Compile-On-Linux (x86_64-unknown-linux-musl)
🔇 Additional comments (1)
crates/napi/src/bindgen_runtime/js_values/arraybuffer.rs (1)

181-191: LGTM! Proper status validation and guarded copy.

The changes correctly:

  1. Validate the arraybuffer creation status before attempting to copy data (line 181)
  2. Guard the copy operation behind len > 0 to avoid creating slices from potentially null pointers (lines 182-186)
  3. Check the status in the success path as well (line 189)

This prevents undefined behavior when napi_create_arraybuffer fails or returns a null data pointer for zero-length buffers.

@graphite-app graphite-app bot merged commit c541fee into main Dec 30, 2025
75 checks passed
@graphite-app graphite-app bot deleted the bisect/arraybuffer-struct branch December 30, 2025 05:37
@github-actions github-actions bot mentioned this pull request Dec 30, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant