nodejs · aduh95 · Nov 6, 2024 · Oct 29, 2024 · Oct 29, 2024
diff --git a/src/node_modules.cc b/src/node_modules.cc
@@ -100,11 +100,23 @@ const BindingData::PackageConfig* BindingData::GetPackageJSON(
   if (ReadFileSync(&package_config.raw_json, path.data()) < 0) {
     return nullptr;
   }
+  // In some systems, std::string is annotated to generate an
+  // AddressSanitizer: container-overflow error when reading beyond the end of
+  // the string even when we are still within the capacity of the string.
+  // https://github.com/google/sanitizers/wiki/AddressSanitizerContainerOverflow
+  // https://github.com/nodejs/node/issues/55584
+  // The next lines are a workaround to avoid this false positive.
+  size_t json_length = package_config.raw_json.size();
+  package_config.raw_json.append(simdjson::SIMDJSON_PADDING, ' ');
+  simdjson::padded_string_view json_view(package_config.raw_json.data(),
+                                         json_length,
+                                         package_config.raw_json.size());
+  // End of workaround
 
   simdjson::ondemand::document document;
   simdjson::ondemand::object main_object;
   simdjson::error_code error =
-      binding_data->json_parser.iterate(package_config.raw_json).get(document);
+      binding_data->json_parser.iterate(json_view).get(document);
 
   const auto throw_invalid_package_config = [error_context, path, realm]() {
     if (error_context == nullptr) {