search

ai / nanoid

A tiny (124 bytes), secure, URL-friendly, unique string ID generator for JavaScript
https://zelark.github.io/nano-id-cc/
MIT License
24.33k stars 788 forks source link

"JavaScript heap out of memory" exception when running customAlphabet #381

Closed pscandalo closed 2 years ago

pscandalo commented 2 years ago

If by mistake someone calls the customAlphabet method with the size parameter as a string, it causes a "JavaScript heap out of memory" exception

"FATAL ERROR: Reached heap limit Allocation failed - JavaScript heap out of memory"

Seems that the 3.1.19 version introduces some changes in the customRandom exit clause that results in an infinite while loop when size is a string parameter.

I noticed the error when updating to 3.3.4 due to my code path assigning the parameter from an ENV variable.

Should it add some validation to avoid unexpected errors?

ai commented 2 years ago

Sorry, you need to use TypeScript to protect yourself from using the wrong type.

We can’t add a lot of type checks to nano-library. Especially since we have a good typing files.