[squash] allow Buffer.harden() only in sync mode

nodejs · ChALkeR · Jun 26, 2019 · Jul 29, 2019 · Jul 29, 2019 · Jul 31, 2019
commit 9bc2bce00f3d80e7337314aa59966e64bf805857
diff --git a/doc/api/buffer.md b/doc/api/buffer.md
@@ -954,8 +954,9 @@ This method has effect only of subsequent Buffer API usage, Buffer instances
 created before `Buffer.harden()` is called are not affected.
 
 Warning: for ecosystem compatibility and security reasons `Buffer.harden()` can
-be called only once and only from the top-level application code. Attempting to
-call it from a library in `node_modules` will throw.
+be called only once and only from the top-level application code and only before
+the first turn of the event loop. Attempting to call it asynchronously in
+runtime or from a library in `node_modules` will throw.
 
 By default, it enables mandratory zero fill, disables Buffer pooling, disables
 deprecated unsafe Buffer API, freezes `Buffer` and `require('buffer')` objects.

diff --git a/lib/buffer.js b/lib/buffer.js
@@ -199,6 +199,12 @@ Buffer.harden = function({
       'Calling Buffer.harden() from dependencies is not supported.'
     );
   }
+  const perf_hooks = require('perf_hooks');
+  const stillSynchronous = perf_hooks.performance.nodeTiming.loopStart < 0;
+  if (!stillSynchronous) throw new ERR_ASSERTION(
+    'Buffer.harden() should be called only in synchronous mode, during app ' +
+    'startup. Calling Buffer.harden() asynchronously is not supported.'
+  );
   Object.assign(hardened, {
     applied: true,
     zeroFill: Boolean(zeroFill),