fixup! doc,test: mem protection must be observed in ffi

bengl · bengl · commit f3d4109ff45b · 2026-04-19T22:53:09.000-04:00
diff --git a/doc/api/ffi.md b/doc/api/ffi.md
@@ -533,7 +533,8 @@ native memory directly. The caller must guarantee that:
 * `length` stays within the allocated native region.
 * no native code frees or repurposes that memory while JavaScript still uses
   the `Buffer`.
-* Memory protection is observed.
+* Memory protection is observed. For example, read-only memory pages must not
+  be written to.
 
 If these guarantees are not met, reading or writing the `Buffer` can corrupt
 memory or crash the process.
diff --git a/test/ffi/ffi-test-common.js b/test/ffi/ffi-test-common.js
@@ -80,6 +80,10 @@ const fixtureSymbols = {
   readonly_memory: { parameters: [], result: 'pointer' },
 };
 
+if (!common.isWindows) {
+  fixtureSymbols.readonly_memory = { parameters: [], result: 'pointer' };
+}
+
 function cString(value) {
   return Buffer.from(`${value}\0`);
 }
diff --git a/test/ffi/fixture_library/ffi_test_library.c b/test/ffi/fixture_library/ffi_test_library.c
@@ -2,11 +2,10 @@
 #include <stdint.h>
 #include <stdlib.h>
 #include <string.h>
-#include <sys/mman.h>
-
 #ifdef _WIN32
 #define FFI_EXPORT __declspec(dllexport)
 #else
+#include <sys/mman.h>
 #define FFI_EXPORT
 #endif
 
@@ -380,9 +379,11 @@ FFI_EXPORT void array_set_f64(double* arr, size_t index, double value) {
   arr[index] = value;
 }
 
-FFI_EXPORT void * readonly_memory() {
+#ifndef _WIN32
+FFI_EXPORT void* readonly_memory() {
   // TODO(bengl) Add a Windows version of this.
 
-  void * p = mmap(0, 4096, PROT_READ, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0);
+  void* p = mmap(0, 4096, PROT_READ, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0);
   return p;
 }
+#endif
diff --git a/test/ffi/test-ffi-readonly-write.js b/test/ffi/test-ffi-readonly-write.js
@@ -11,14 +11,15 @@ if (isWindows) {
   skip('This test currently relies on POSIX APIs');
 }
 
-test('writing to readonly memory via buffer results in SIGBUS', () => {
+test('writing to readonly memory via buffer fails', () => {
   const symbols = JSON.stringify(fixtureSymbols);
-  const { stdout, status, signal } = spawnSync(process.execPath, [
+  const libPath = JSON.stringify(libraryPath);
+  const { stdout, status } = spawnSync(process.execPath, [
     '--experimental-ffi',
     '-p',
     `
     const ffi = require('node:ffi');
-    const { functions } = ffi.dlopen('${libraryPath}', ${symbols})
+    const { functions } = ffi.dlopen(${libPath}, ${symbols})
     const p = functions.readonly_memory();
     const b = ffi.toBuffer(p, 4096, false);
     b[0] = 42;
