From 55b736a63b24e290d8741c899f7ef41689a13a50 Mon Sep 17 00:00:00 2001
From: Anna Henningsen <anna@addaleax.net>
Date: Fri, 20 May 2016 22:55:37 +0200
Subject: [PATCH] vm: don't abort process when stack space runs out

Make less assumptions about what objects will be available when
vm context creation or error message printing fail because V8
runs out of JS stack space.

Ref: https://github.com/nodejs/node/issues/6899
PR-URL: https://github.com/nodejs/node/pull/6907
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
---
 src/node.cc                              |  4 ++--
 src/node_contextify.cc                   | 14 +++++++++----
 test/parallel/test-vm-low-stack-space.js | 26 ++++++++++++++++++++++++
 3 files changed, 38 insertions(+), 6 deletions(-)
 create mode 100644 test/parallel/test-vm-low-stack-space.js

diff --git a/src/node.cc b/src/node.cc
index e7c8eb177af162..e7d61c05b275e2 100644
--- a/src/node.cc
+++ b/src/node.cc
@@ -1521,8 +1521,8 @@ void AppendExceptionLine(Environment* env,
   // sourceline to 78 characters, and we end up not providing very much
   // useful debugging info to the user if we remove 62 characters.
 
-  int start = message->GetStartColumn(env->context()).FromJust();
-  int end = message->GetEndColumn(env->context()).FromJust();
+  int start = message->GetStartColumn(env->context()).FromMaybe(0);
+  int end = message->GetEndColumn(env->context()).FromMaybe(0);
 
   char arrow[1024];
   int max_off = sizeof(arrow) - 2;
diff --git a/src/node_contextify.cc b/src/node_contextify.cc
index db83660308ce99..bef7168ada755b 100644
--- a/src/node_contextify.cc
+++ b/src/node_contextify.cc
@@ -205,7 +205,11 @@ class ContextifyContext {
 
     Local<Context> ctx = Context::New(env->isolate(), nullptr, object_template);
 
-    CHECK(!ctx.IsEmpty());
+    if (ctx.IsEmpty()) {
+      env->ThrowError("Could not instantiate context");
+      return Local<Context>();
+    }
+
     ctx->SetSecurityToken(env->context()->GetSecurityToken());
 
     // We need to tie the lifetime of the sandbox object with the lifetime of
@@ -632,9 +636,11 @@ class ContextifyScript : public BaseObject {
             env->arrow_message_private_symbol());
 
     Local<Value> arrow;
-    if (!(maybe_value.ToLocal(&arrow) &&
-          arrow->IsString() &&
-          stack->IsString())) {
+    if (!(maybe_value.ToLocal(&arrow) && arrow->IsString())) {
+      return;
+    }
+
+    if (stack.IsEmpty() || !stack->IsString()) {
       return;
     }
 
diff --git a/test/parallel/test-vm-low-stack-space.js b/test/parallel/test-vm-low-stack-space.js
new file mode 100644
index 00000000000000..7c1313d47c1ad9
--- /dev/null
+++ b/test/parallel/test-vm-low-stack-space.js
@@ -0,0 +1,26 @@
+'use strict';
+require('../common');
+const assert = require('assert');
+const vm = require('vm');
+
+function a() {
+  try {
+    return a();
+  } catch (e) {
+    // Throw an exception as near to the recursion-based RangeError as possible.
+    return vm.runInThisContext('() => 42')();
+  }
+}
+
+assert.strictEqual(a(), 42);
+
+function b() {
+  try {
+    return b();
+  } catch (e) {
+    // This writes a lot of noise to stderr, but it still works.
+    return vm.runInNewContext('() => 42')();
+  }
+}
+
+assert.strictEqual(b(), 42);