express icon indicating copy to clipboard operation
express copied to clipboard
Published 4 weeks ago verified publisher icon expressjs

fix: prevent crash when BigInt passed to res.status()

Open SrinjoyDev opened this issue 2 months ago • 1 comments

Description

This PR fixes issue #6756 where passing a BigInt value to res.status() or res.sendStatus() causes an uncaught TypeError that crashes the server.

Problem

The current implementation uses JSON.stringify() to format error messages when invalid status codes are provided. However, JSON.stringify() cannot serialize BigInt values, leading to a secondary crash when trying to report the original error:

res.sendStatus(200n);  // BigInt literal
// TypeError: Do not know how to serialize a BigInt
//     at JSON.stringify (<anonymous>)

Solution

Replace JSON.stringify(code) with String(code) in error messages. This approach:

  • [x] Handles BigInt and all other JavaScript types safely
  • [x] Provides more informative error messages by including the type
  • [x] Maintains backward compatibility
  • [x] Prevents server crashes from edge cases

Changes

Modified Files

  • lib/response.js: Updated error message generation in res.status() (lines 67, 71)
  • test/res.status.js: Added test case for BigInt status code
  • test/res.sendStatus.js: Added test cases for BigInt, string, and object status codes

Error Message Format

Before:

TypeError: Invalid status code: [crashes before message completes]

After:

TypeError: Invalid status code: 200 (bigint). Status code must be an integer.

The new format ${String(code)} (${typeof code}) provides clear feedback showing both the value and its type.

Testing

All existing tests pass (1242/1242 ✅), plus 4 new test cases:

  1. [x] res.status() with BigInt throws proper error
  2. [x] res.sendStatus() with BigInt throws proper error
  3. [x] res.sendStatus() with string throws proper error
  4. [x] res.sendStatus() with object throws proper error

Run tests:

npm test

Backward Compatibility

This change is fully backward compatible:

  • Valid status codes continue to work exactly as before
  • Invalid status codes still throw appropriate errors
  • Only the error message format has improved

Related

Closes #6756

Checklist

  • [x] Tests added for the fix
  • [x] All tests passing
  • [x] No breaking changes
  • [x] Follows existing code style
  • [x] Commit message follows conventional commits format

SrinjoyDev avatar Oct 21 '25 16:10 SrinjoyDev

Likely a duplicate of https://github.com/expressjs/express/pull/6839

abhisekp avatar Oct 22 '25 13:10 abhisekp

There's no crash here. Im sorry but misunderstanding the problem you're attempting to solve is a close from me.

jonchurch avatar Dec 12 '25 19:12 jonchurch