From 0003f43ca37022fcd8b6f49445ce002e2be67052 Mon Sep 17 00:00:00 2001
From: jazelly <xzha4350@gmail.com>
Date: Mon, 26 Aug 2024 00:31:57 +0930
Subject: [PATCH 1/2] buffer: fix out of range for toString
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Co-authored-by: Michaël Zasso <targos@protonmail.com>
---
 lib/buffer.js                               | 4 ++--
 test/parallel/test-buffer-tostring-range.js | 5 +++++
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/lib/buffer.js b/lib/buffer.js
index 4467a555c7180e..6294eae2fb5093 100644
--- a/lib/buffer.js
+++ b/lib/buffer.js
@@ -843,12 +843,12 @@ Buffer.prototype.toString = function toString(encoding, start, end) {
   else if (start >= len)
     return '';
   else
-    start |= 0;
+    start = MathTrunc(start) || 0;
 
   if (end === undefined || end > len)
     end = len;
   else
-    end |= 0;
+    end = MathTrunc(end) || 0;
 
   if (end <= start)
     return '';
diff --git a/test/parallel/test-buffer-tostring-range.js b/test/parallel/test-buffer-tostring-range.js
index f4adf64c8d9129..0f6c7b5ec0f481 100644
--- a/test/parallel/test-buffer-tostring-range.js
+++ b/test/parallel/test-buffer-tostring-range.js
@@ -98,3 +98,8 @@ assert.throws(() => {
   name: 'TypeError',
   message: 'Unknown encoding: null'
 });
+
+
+const largeBuffer = Buffer.alloc(2 ** 32);
+// Must not throw when start and end are within kMaxLength
+largeBuffer.toString('utf8', 2 ** 31 + 1, 2 ** 31 + 10);

From 93befdfa1e362af731b3657add6b589ffcb9a9d2 Mon Sep 17 00:00:00 2001
From: jazelly <xzha4350@gmail.com>
Date: Wed, 28 Aug 2024 23:55:41 +0930
Subject: [PATCH 2/2] fixup

---
 test/parallel/test-buffer-tostring-range.js | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/test/parallel/test-buffer-tostring-range.js b/test/parallel/test-buffer-tostring-range.js
index 0f6c7b5ec0f481..d033cd204b3200 100644
--- a/test/parallel/test-buffer-tostring-range.js
+++ b/test/parallel/test-buffer-tostring-range.js
@@ -1,6 +1,6 @@
 'use strict';
 
-require('../common');
+const common = require('../common');
 const assert = require('assert');
 
 const rangeBuffer = Buffer.from('abc');
@@ -99,7 +99,10 @@ assert.throws(() => {
   message: 'Unknown encoding: null'
 });
 
-
-const largeBuffer = Buffer.alloc(2 ** 32);
 // Must not throw when start and end are within kMaxLength
-largeBuffer.toString('utf8', 2 ** 31 + 1, 2 ** 31 + 10);
+// Cannot test on 32bit machine as we are testing the case
+// when start and end are above the threshold
+common.skipIf32Bits();
+const threshold = 0xFFFFFFFF;
+const largeBuffer = Buffer.alloc(threshold + 20);
+largeBuffer.toString('utf8', threshold, threshold + 20);