From c72e9c3ef7afba9668a4641c530ade25a48e5a8a Mon Sep 17 00:00:00 2001
From: Andre Jodat-Danbrani <andre.jodat-danbrani@xe.com>
Date: Fri, 12 Oct 2018 14:44:10 -0400
Subject: [PATCH 1/5] tls: convertProtocols() error handling

The convertProtocols() function now throws a range error when the byte
length of a protocol is too long to fit in a Buffer.

Also added a test case in test/parallel/test-tls-basic-validations.js
to cover this.
---
 lib/tls.js                                  |  8 +++++++-
 test/parallel/test-tls-basic-validations.js | 13 +++++++++++++
 2 files changed, 20 insertions(+), 1 deletion(-)

diff --git a/lib/tls.js b/lib/tls.js
index f771a661d07692..7a32cedbe459e2 100644
--- a/lib/tls.js
+++ b/lib/tls.js
@@ -21,7 +21,10 @@
 
 'use strict';
 
-const { ERR_TLS_CERT_ALTNAME_INVALID } = require('internal/errors').codes;
+const {
+  ERR_TLS_CERT_ALTNAME_INVALID,
+  ERR_OUT_OF_RANGE
+} = require('internal/errors').codes;
 const internalUtil = require('internal/util');
 const internalTLS = require('internal/tls');
 internalUtil.assertCrypto();
@@ -60,6 +63,9 @@ function convertProtocols(protocols) {
   const lens = new Array(protocols.length);
   const buff = Buffer.allocUnsafe(protocols.reduce((p, c, i) => {
     var len = Buffer.byteLength(c);
+    if (len > 255) {
+      throw new ERR_OUT_OF_RANGE('byte length of a protocol', '< 255', len);
+    }
     lens[i] = len;
     return p + 1 + len;
   }, 0));
diff --git a/test/parallel/test-tls-basic-validations.js b/test/parallel/test-tls-basic-validations.js
index d0082edb463181..50f333eb1471ab 100644
--- a/test/parallel/test-tls-basic-validations.js
+++ b/test/parallel/test-tls-basic-validations.js
@@ -102,3 +102,16 @@ common.expectsError(
     assert(out.ALPNProtocols.equals(Buffer.from(expectView)));
   }
 }
+
+{
+  const protocols = [(new String('a')).repeat(500)];
+  const out = {};
+  common.expectsError(
+    () => tls.convertALPNProtocols(protocols, out),
+    {
+      code: 'ERR_OUT_OF_RANGE',
+      message: 'The value of "byte length of a protocol" is out ' +
+        'of range. It must be < 255. Received 500'
+    }
+  );
+}

From 85d242800f379f711bc29edcf9e2a2446a75bd7f Mon Sep 17 00:00:00 2001
From: Andre Jodat-Danbrani <andre.jodat-danbrani@xe.com>
Date: Fri, 12 Oct 2018 14:56:21 -0400
Subject: [PATCH 2/5] tls: convertProtocols() amended an error message

Changed the byte length error message for protocol to correctly state
that the length must be <= 255 not < 255

Amended the test case in test/parallel/test-tls-basic-validations.js
---
 lib/tls.js                                  | 2 +-
 test/parallel/test-tls-basic-validations.js | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/tls.js b/lib/tls.js
index 7a32cedbe459e2..59c9ab34c7f7b9 100644
--- a/lib/tls.js
+++ b/lib/tls.js
@@ -64,7 +64,7 @@ function convertProtocols(protocols) {
   const buff = Buffer.allocUnsafe(protocols.reduce((p, c, i) => {
     var len = Buffer.byteLength(c);
     if (len > 255) {
-      throw new ERR_OUT_OF_RANGE('byte length of a protocol', '< 255', len);
+      throw new ERR_OUT_OF_RANGE('byte length of a protocol', '<= 255', len);
     }
     lens[i] = len;
     return p + 1 + len;
diff --git a/test/parallel/test-tls-basic-validations.js b/test/parallel/test-tls-basic-validations.js
index 50f333eb1471ab..f305b86edb50ac 100644
--- a/test/parallel/test-tls-basic-validations.js
+++ b/test/parallel/test-tls-basic-validations.js
@@ -111,7 +111,7 @@ common.expectsError(
     {
       code: 'ERR_OUT_OF_RANGE',
       message: 'The value of "byte length of a protocol" is out ' +
-        'of range. It must be < 255. Received 500'
+        'of range. It must be <= 255. Received 500'
     }
   );
 }

From 5c4e7d82cdb39a8c8918c8a8d872873c8cdb39ee Mon Sep 17 00:00:00 2001
From: Andre Jodat-Danbrani <andre.jodat-danbrani@xe.com>
Date: Sat, 13 Oct 2018 00:32:02 -0400
Subject: [PATCH 3/5] lib: added override for msg in ERR_OUT_OF_RANGE

Also changed corresponding usage in lib/tls.js

Amended the test case in test/parallel/test-tls-basic-validations.js
---
 lib/internal/errors.js                      | 4 ++--
 lib/tls.js                                  | 3 ++-
 test/parallel/test-tls-basic-validations.js | 4 ++--
 3 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/lib/internal/errors.js b/lib/internal/errors.js
index 58eba742e08685..992b06104402d0 100644
--- a/lib/internal/errors.js
+++ b/lib/internal/errors.js
@@ -825,8 +825,8 @@ E('ERR_NO_ICU',
   '%s is not supported on Node.js compiled without ICU', TypeError);
 E('ERR_NO_LONGER_SUPPORTED', '%s is no longer supported', Error);
 E('ERR_OUT_OF_RANGE',
-  (name, range, value) => {
-    let msg = `The value of "${name}" is out of range.`;
+  (name, range, value, msg = null) => {
+    msg = msg ? msg : `The value of "${name}" is out of range.`;
     if (range !== undefined) msg += ` It must be ${range}.`;
     msg += ` Received ${value}`;
     return msg;
diff --git a/lib/tls.js b/lib/tls.js
index 59c9ab34c7f7b9..b7b1e30a05a07e 100644
--- a/lib/tls.js
+++ b/lib/tls.js
@@ -64,7 +64,8 @@ function convertProtocols(protocols) {
   const buff = Buffer.allocUnsafe(protocols.reduce((p, c, i) => {
     var len = Buffer.byteLength(c);
     if (len > 255) {
-      throw new ERR_OUT_OF_RANGE('byte length of a protocol', '<= 255', len);
+      throw new ERR_OUT_OF_RANGE('', '<= 255', len, 'The byte length of the ' +
+        `protocol at index ${i} exceeds the maximum.`);
     }
     lens[i] = len;
     return p + 1 + len;
diff --git a/test/parallel/test-tls-basic-validations.js b/test/parallel/test-tls-basic-validations.js
index f305b86edb50ac..74b47cfe37a3a9 100644
--- a/test/parallel/test-tls-basic-validations.js
+++ b/test/parallel/test-tls-basic-validations.js
@@ -110,8 +110,8 @@ common.expectsError(
     () => tls.convertALPNProtocols(protocols, out),
     {
       code: 'ERR_OUT_OF_RANGE',
-      message: 'The value of "byte length of a protocol" is out ' +
-        'of range. It must be <= 255. Received 500'
+      message: 'The byte length of the protocol at index 0 exceeds the ' +
+        'maximum. It must be <= 255. Received 500'
     }
   );
 }

From 951692e8bbb2eafcce37a9a383daa7b25a4bebf0 Mon Sep 17 00:00:00 2001
From: Andre Jodat-Danbrani <andre.jodat-danbrani@xe.com>
Date: Sat, 13 Oct 2018 09:26:57 -0400
Subject: [PATCH 4/5] tls: minor change to error message in convertProtocols()

---
 lib/tls.js                                  | 2 +-
 test/parallel/test-tls-basic-validations.js | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/tls.js b/lib/tls.js
index b7b1e30a05a07e..a34d9f8327378f 100644
--- a/lib/tls.js
+++ b/lib/tls.js
@@ -65,7 +65,7 @@ function convertProtocols(protocols) {
     var len = Buffer.byteLength(c);
     if (len > 255) {
       throw new ERR_OUT_OF_RANGE('', '<= 255', len, 'The byte length of the ' +
-        `protocol at index ${i} exceeds the maximum.`);
+        `protocol at index ${i} exceeds the maximum length.`);
     }
     lens[i] = len;
     return p + 1 + len;
diff --git a/test/parallel/test-tls-basic-validations.js b/test/parallel/test-tls-basic-validations.js
index 74b47cfe37a3a9..8d39b8d45c9c65 100644
--- a/test/parallel/test-tls-basic-validations.js
+++ b/test/parallel/test-tls-basic-validations.js
@@ -111,7 +111,7 @@ common.expectsError(
     {
       code: 'ERR_OUT_OF_RANGE',
       message: 'The byte length of the protocol at index 0 exceeds the ' +
-        'maximum. It must be <= 255. Received 500'
+        'maximum length. It must be <= 255. Received 500'
     }
   );
 }

From ca17a24d7a5134a7234b001f7e899832244d54fd Mon Sep 17 00:00:00 2001
From: Andre Jodat-Danbrani <andre.jodat-danbrani@xe.com>
Date: Wed, 17 Oct 2018 17:09:48 -0400
Subject: [PATCH 5/5] lib: refactored the signature of ERROR_OUT_OF_RANGE

---
 lib/internal/errors.js | 7 ++++---
 lib/tls.js             | 4 ++--
 2 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/lib/internal/errors.js b/lib/internal/errors.js
index 992b06104402d0..ebec2d97a00321 100644
--- a/lib/internal/errors.js
+++ b/lib/internal/errors.js
@@ -825,10 +825,11 @@ E('ERR_NO_ICU',
   '%s is not supported on Node.js compiled without ICU', TypeError);
 E('ERR_NO_LONGER_SUPPORTED', '%s is no longer supported', Error);
 E('ERR_OUT_OF_RANGE',
-  (name, range, value, msg = null) => {
-    msg = msg ? msg : `The value of "${name}" is out of range.`;
+  (str, range, input, replaceDefaultBoolean = false) => {
+    let msg = replaceDefaultBoolean ? str :
+      `The value of "${str}" is out of range.`;
     if (range !== undefined) msg += ` It must be ${range}.`;
-    msg += ` Received ${value}`;
+    msg += ` Received ${input}`;
     return msg;
   }, RangeError);
 E('ERR_REQUIRE_ESM', 'Must use import to load ES Module: %s', Error);
diff --git a/lib/tls.js b/lib/tls.js
index a34d9f8327378f..4207364ad82969 100644
--- a/lib/tls.js
+++ b/lib/tls.js
@@ -64,8 +64,8 @@ function convertProtocols(protocols) {
   const buff = Buffer.allocUnsafe(protocols.reduce((p, c, i) => {
     var len = Buffer.byteLength(c);
     if (len > 255) {
-      throw new ERR_OUT_OF_RANGE('', '<= 255', len, 'The byte length of the ' +
-        `protocol at index ${i} exceeds the maximum length.`);
+      throw new ERR_OUT_OF_RANGE('The byte length of the protocol at index ' +
+        `${i} exceeds the maximum length.`, '<= 255', len, true);
     }
     lens[i] = len;
     return p + 1 + len;