From 6a59237ed03f91e507e954333d63d19f3db534c6 Mon Sep 17 00:00:00 2001 From: Damien Arrachequesne Date: Thu, 17 Sep 2020 15:27:33 +0200 Subject: [PATCH 1/3] test: add Node.js 12 and 14 in the build matrix Node.js 8 is removed, as it is now EOL. Note: the node_modules folder is cached by default --- .travis.yml | 6 ++---- package.json | 5 ++++- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/.travis.yml b/.travis.yml index d6cccc0..7d1d119 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,17 +1,15 @@ language: node_js sudo: false node_js: - - '8' - '10' + - '12' + - '14' git: depth: 1 matrix: include: - node_js: 10 env: BROWSERS=1 -cache: - directories: - - node_modules env: global: - secure: >- diff --git a/package.json b/package.json index 59acfab..ae6be5c 100644 --- a/package.json +++ b/package.json @@ -30,5 +30,8 @@ "scripts": { "test": "make test" }, - "license": "MIT" + "license": "MIT", + "engines": { + "node": ">=10.0.0" + } } From 04d23cecafe1b859fb03e0cbf6ba3b74dff56d14 Mon Sep 17 00:00:00 2001 From: Damien Arrachequesne Date: Wed, 9 Nov 2022 11:04:00 +0100 Subject: [PATCH 2/3] fix: check the format of the index of each attachment A specially crafted packet could be incorrectly decoded. Example: ```js const decoder = new Decoder(); decoder.on("decoded", (packet) => { console.log(packet.data); // prints [ 'hello', [Function: splice] ] }) decoder.add('51-["hello",{"_placeholder":true,"num":"splice"}]'); decoder.add(Buffer.from("world")); ``` As usual, please remember not to trust user input. Backported from https://github.com/socketio/socket.io-parser/commit/b5d0cb7dc56a0601a09b056beaeeb0e43b160050 --- binary.js | 12 ++++++++++-- index.js | 3 +++ test/buffer.js | 47 +++++++++++++++++++++++++++++++++++++++++++++-- 3 files changed, 58 insertions(+), 4 deletions(-) diff --git a/binary.js b/binary.js index 3e2347d..95a1450 100644 --- a/binary.js +++ b/binary.js 
@@ -70,8 +70,16 @@ exports.reconstructPacket = function(packet, buffers) { function _reconstructPacket(data, buffers) { if (!data) return data; - if (data && data._placeholder) { - return buffers[data.num]; // appropriate buffer (should be natural order anyway) + if (data && data._placeholder === true) { + var isIndexValid = + typeof data.num === "number" && + data.num >= 0 && + data.num < buffers.length; + if (isIndexValid) { + return buffers[data.num]; // appropriate buffer (should be natural order anyway) + } else { + throw new Error("illegal attachments"); + } } else if (isArray(data)) { for (var i = 0; i < data.length; i++) { data[i] = _reconstructPacket(data[i], buffers); diff --git a/index.js b/index.js index ff613cc..245a800 100644 --- a/index.js +++ b/index.js @@ -239,6 +239,9 @@ Emitter(Decoder.prototype); Decoder.prototype.add = function(obj) { var packet; if (typeof obj === 'string') { + if (this.reconstructor) { + throw new Error("got plaintext data when reconstructing a packet"); + } packet = decodeString(obj); if (exports.BINARY_EVENT === packet.type || exports.BINARY_ACK === packet.type) { // binary packet's json this.reconstructor = new BinaryReconstructor(packet); diff --git a/test/buffer.js b/test/buffer.js index 3aba898..f18e68a 100644 --- a/test/buffer.js +++ b/test/buffer.js @@ -1,8 +1,7 @@ var parser = require('../index.js'); var expect = require('expect.js'); var helpers = require('./helpers.js'); -var encode = parser.encode; -var decode = parser.decode; +var Decoder = parser.Decoder; describe('parser', function() { it('encodes a Buffer', function() { @@ -14,6 +13,15 @@ describe('parser', function() { }); }); + it("encodes a nested Buffer", function() { + helpers.test_bin({ + type: parser.BINARY_EVENT, + data: ["a", { b: ["c", Buffer.from("abc", "utf8")] }], + id: 23, + nsp: "/cool", + }); + }); + it('encodes a binary ack with Buffer', function() { helpers.test_bin({ type: parser.BINARY_ACK, 
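Review bot: The new `isIndexValid` check in `_reconstructPacket` admits any non-negative number below `buffers.length`, so a fractional index such as `0.5` passes the guard and `buffers[data.num]` evaluates to `undefined`, silently replacing the placeholder instead of throwing "illegal attachments". Since `num` arrives from the wire, tighten the guard to integers by adding `data.num % 1 === 0 &&` between the `typeof` line and the `>= 0` line (`Math.floor(data.num) === data.num` works too and keeps the file's ES5 style). A short why-comment above the check would also help the next maintainer: `// "num" comes from the wire: only an in-range integer may index buffers, so a string key cannot reach an inherited Array.prototype property`. The body of `_reconstructPacket` continues past the end of the hunk.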
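Review bot: The guard added at the top of `Decoder.prototype.add` throws while `this.reconstructor` and the attachments it has already buffered stay in place, so a caller that catches the error and keeps feeding the same decoder continues in the half-reconstructed state rather than starting clean. Whether callers reuse a decoder after a parse error is not visible here; if they may, clear the state before throwing, e.g. `this.reconstructor = null;` ahead of the `throw` (or the decoder's own reset/`destroy` routine, if this file has one). The rest of `add`, including the binary branch that the new tests exercise, lies outside the hunk.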
@@ -22,4 +30,39 @@ describe('parser', function() { nsp: '/back' }) }); + + it("throws an error when adding an attachment with an invalid 'num' attribute (string)", function() { + var decoder = new Decoder(); + + expect(function() { + decoder.add('51-["hello",{"_placeholder":true,"num":"splice"}]'); + decoder.add(Buffer.from("world")); + }).to.throwException(/^illegal attachments$/); + }); + + it("throws an error when adding an attachment with an invalid 'num' attribute (out-of-bound)", function() { + var decoder = new Decoder(); + + expect(function() { + decoder.add('51-["hello",{"_placeholder":true,"num":1}]'); + decoder.add(Buffer.from("world")); + }).to.throwException(/^illegal attachments$/); + }); + + it("throws an error when adding an attachment without header", function() { + var decoder = new Decoder(); + + expect(function() { + decoder.add(Buffer.from("world")); + }).to.throwException(/^got binary data when not reconstructing a packet$/); + }); + + it("throws an error when decoding a binary event without attachments", function() { + var decoder = new Decoder(); + + expect(function() { + decoder.add('51-["hello",{"_placeholder":true,"num":0}]'); + decoder.add('2["hello"]'); + }).to.throwException(/^got plaintext data when reconstructing a packet$/); + }); }); From 4b3c191bc411578099c8dd35499d8c7a75860192 Mon Sep 17 00:00:00 2001 From: Damien Arrachequesne Date: Wed, 9 Nov 2022 11:18:30 +0100 Subject: [PATCH 3/3] chore(release): 3.4.2 Diff: https://github.com/socketio/socket.io-parser/compare/3.4.1...3.4.2 --- CHANGELOG.md | 9 +++++++++ package.json | 2 +- 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 4fe8f3a..54c82d5 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
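Review bot: The two new invalid-`num` cases cover a string and an index one past the end, but not a negative index, which the `data.num >= 0` clause in binary.js exists to reject; a third case with `'51-["hello",{"_placeholder":true,"num":-1}]'` and the same `/^illegal attachments$/` expectation would pin that branch. A fractional value such as `"num":0.5` deserves a deliberate case as well, because the guard as written accepts it and `buffers[0.5]` yields `undefined`, so the test should assert the intended outcome rather than the current one. The `describe` block these tests belong to opens in an earlier hunk.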
@@ -1,3 +1,12 @@ +## [3.4.2](https://github.com/socketio/socket.io-parser/compare/3.4.1...3.4.2) (2022-11-09) + + +### Bug Fixes + +* check the format of the index of each attachment ([04d23ce](https://github.com/socketio/socket.io-parser/commit/04d23cecafe1b859fb03e0cbf6ba3b74dff56d14)) + + + ## [3.4.1](https://github.com/socketio/socket.io-parser/compare/3.4.0...3.4.1) (2020-05-13) diff --git a/package.json b/package.json index ae6be5c..f82999a 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "socket.io-parser", - "version": "3.4.1", + "version": "3.4.2", "description": "socket.io protocol parser", "repository": { "type": "git",