From d0edabecbf072dded07f85897691b0ff1b0bb99b Mon Sep 17 00:00:00 2001
From: James M Snell <jasnell@gmail.com>
Date: Tue, 15 Mar 2016 20:46:53 -0700
Subject: net: strict checking for internal/net isLegalPort

Add stricter testing for the isLegalPort method in internal/net.
This ensures that odd inputs such as isLegalPort(true) and
isLegalPort([1]) aren't acceptable as valid port inputs.

PR-URL: https://github.com/nodejs/node/pull/5733
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
---
 lib/internal/net.js | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

(limited to 'lib/internal/net.js')

diff --git a/lib/internal/net.js b/lib/internal/net.js
index effc6485d2..30bd50ce93 100644
--- a/lib/internal/net.js
+++ b/lib/internal/net.js
@@ -5,7 +5,8 @@ module.exports = { isLegalPort };
 // Check that the port number is not NaN when coerced to a number,
 // is an integer and that it falls within the legal range of port numbers.
 function isLegalPort(port) {
-  if (typeof port === 'string' && port.trim() === '')
+  if ((typeof port !== 'number' && typeof port !== 'string') ||
+      (typeof port === 'string' && port.trim().length === 0))
     return false;
-  return +port === (port >>> 0) && port >= 0 && port <= 0xFFFF;
+  return +port === (+port >>> 0) && port <= 0xFFFF;
 }
-- 
cgit v1.2.3