src: fix double free reported by coverity

Fix double free reported by coverity. ToBufferEndian()
in node_i18n.cc was the only caller of Buffer::New() passing
in a MaybeStackBuffer. Coverity reported a double free
because there were paths in which the src buffer would
be deleted by both the destruction of the MaybeStackBuffer and
by the Buffer which was done even in failure cases for
Buffer::New().

Signed-off-by: Michael Dawson <[email protected]>
PR-URL: #51046
Reviewed-By: James M Snell <[email protected]>

Author: mhdawson

src/node_internals.h

@@ -192,16 +192,13 @@ static v8::MaybeLocal<v8::Object> New(Environment* env,
   char* src = reinterpret_cast<char*>(buf->out());
   const size_t len_in_bytes = buf->length() * sizeof(buf->out()[0]);
 
-  if (buf->IsAllocated())
+  if (buf->IsAllocated()) {
     ret = New(env, src, len_in_bytes);
-  else if (!buf->IsInvalidated())
-    ret = Copy(env, src, len_in_bytes);
-
-  if (ret.IsEmpty())
-    return ret;
-
-  if (buf->IsAllocated())
+    // new always takes ownership of src
     buf->Release();
+  } else if (!buf->IsInvalidated()) {
+    ret = Copy(env, src, len_in_bytes);
+  }
 
   return ret;
 }