zlib: fix crash when initializing failed

[addaleax]

Unset mode_ when initializing the zlib stream failed, so that we don’t try to call the zlib end functions (deflateEnd() etc.) when cleaning up in ZCtx::Close().

Fixes: #14178
Ref: #13098

Checklist

• make -j4 test (UNIX), or vcbuild test (Windows) passes
• commit message follows commit guidelines

Affected core subsystem(s)

src/zlib

[addaleax]

CI: https://ci.nodejs.org/job/node-test-commit/11594/
Stress master: https://ci.nodejs.org/job/node-stress-single-test/1364/
Stress this PR: https://ci.nodejs.org/job/node-stress-single-test/1365/

[gibfahn]

Is this a regression?

Looking at the description in #13098:

This PR fixes the Node process crashing when constructors of classes of the zlib module are given invalid options.

Throw an Error when the zlib library rejects the value of windowBits, instead of crashing with an assertion.

it sounds like zlib previously crashed under these circumstances anyway, so #13098 didn't make things worse. Is that correct?

[gibfahn]

+1 on fast-tracking this, if only because it'll make CI less red.

Is there an easy way to add a (less intermittently failing) test for this?

[addaleax]

@gibfahn Right, it’s only going from an assertion failure to a segfault. It’s a bit more scary to see that happening, but it won’t really hurt anyone.

Is there an easy way to add a (less intermittent) test for this?

I don’t know, the failure is only happening because there’s uninitialized memory involved. I guess the best way to make sure this doesn’t happen again is to check the return value of the zlib cleanup functions, but tbh I’m scared to do that in a patch release given how complex the zlib state machine is.

[addaleax]

@gibfahn I opened #14673, checking return values doesn’t seem to be enough to test this. I think more detailed CHECKs would require inspecting zlib internals.

[MylesBorins]

@addaleax it was only partially backported... and we have not been seeing the failures on 6.x yet

Should we just revert the original change and call it a day?

[gibfahn]

Should we just revert the original change and call it a day?

I'd rather land this if there are no problems with it. Reverting the original means zlib will still crash, which according to #13082 was a regression from 6.10.1->6.10.2 (due to the zlib update).

[aqrln]

Thank you!

[addaleax]

Landed in 1e569f4

[MylesBorins]

This has backported cleanly to v6.x
do we need to backport both fixes to v4.x? we are getting close to enough backlog to justify a maintenance release

[gibfahn]

do we need to backport both fixes to v4.x?

If we're planning to do another v4.x already it probably makes sense, these are fixes for zlib 1.2.11 which is the version in v4.x.

cc/ @aqrln @addaleax @lpinca

[addaleax]

I probably would backport both fixes, but not backporting either also seems fine to me.

[MylesBorins]

We are getting very close to a v4.x release. Could this please be backported to v4.x

[aqrln]

@MylesBorins both fixes backported in #14860.