1berry/nodejs
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

tls: fix assert in context._external accessor

Browse Source 
* Restrict the receiver to instances of the FunctionTemplate.
* Use `args.This()` instead of `args.Holder()`.

Fixes: https://github.com/nodejs/node/issues/3682
PR-URL: https://github.com/nodejs/node/pull/5521
Reviewed-By: Fedor Indutny <fedor@indutny.com>
This commit is contained in:
Ben Noordhuis 2016-03-02 14:04:42 +01:00
parent c133d07b83
commit 0bea78682a
2 changed files with 48 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

45
src/node_crypto.cc
View File

@ -63,6 +63,7 @@ static const int X509_NAME_FLAGS = ASN1_STRFLGS_ESC_CTRL
namespace node { namespace node {
namespace crypto { namespace crypto {
using v8::AccessorSignature;
using v8::Array; using v8::Array;
using v8::Boolean; using v8::Boolean;
using v8::Context; using v8::Context;
@ -324,7 +325,8 @@ void SecureContext::Initialize(Environment* env, Local<Object> target) {
nullptr, nullptr,
env->as_external(), env->as_external(),
DEFAULT, DEFAULT,
static_cast<PropertyAttribute>(ReadOnly | DontDelete)); static_cast<PropertyAttribute>(ReadOnly | DontDelete),
AccessorSignature::New(env->isolate(), t));
target->Set(FIXED_ONE_BYTE_STRING(env->isolate(), "SecureContext"), target->Set(FIXED_ONE_BYTE_STRING(env->isolate(), "SecureContext"),
t->GetFunction()); t->GetFunction());
@ -1138,9 +1140,7 @@ int SecureContext::TicketKeyCallback(SSL* ssl,
void SecureContext::CtxGetter(Local<String> property, void SecureContext::CtxGetter(Local<String> property,
const PropertyCallbackInfo<Value>& info) { const PropertyCallbackInfo<Value>& info) {
HandleScope scope(info.GetIsolate()); SSL_CTX* ctx = Unwrap<SecureContext>(info.This())->ctx_;
SSL_CTX* ctx = Unwrap<SecureContext>(info.Holder())->ctx_;
Local<External> ext = External::New(info.GetIsolate(), ctx); Local<External> ext = External::New(info.GetIsolate(), ctx);
info.GetReturnValue().Set(ext); info.GetReturnValue().Set(ext);
} }
@ -1213,7 +1213,8 @@ void SSLWrap<Base>::AddMethods(Environment* env, Local<FunctionTemplate> t) {
nullptr, nullptr,
env->as_external(), env->as_external(),
DEFAULT, DEFAULT,
static_cast<PropertyAttribute>(ReadOnly | DontDelete)); static_cast<PropertyAttribute>(ReadOnly | DontDelete),
AccessorSignature::New(env->isolate(), t));
} }
@ -2370,10 +2371,8 @@ void SSLWrap<Base>::CertCbDone(const FunctionCallbackInfo<Value>& args) {
template <class Base> template <class Base>
void SSLWrap<Base>::SSLGetter(Local<String> property, void SSLWrap<Base>::SSLGetter(Local<String> property,
const PropertyCallbackInfo<Value>& info) { const PropertyCallbackInfo<Value>& info) {
HandleScope scope(info.GetIsolate()); SSL* ssl = Unwrap<Base>(info.This())->ssl_;
SSL* ssl = Unwrap<Base>(info.Holder())->ssl_;
Local<External> ext = External::New(info.GetIsolate(), ssl); Local<External> ext = External::New(info.GetIsolate(), ssl);
info.GetReturnValue().Set(ext); info.GetReturnValue().Set(ext);
} }
@ -4313,12 +4312,14 @@ void DiffieHellman::Initialize(Environment* env, Local<Object> target) {
env->SetProtoMethod(t, "setPublicKey", SetPublicKey); env->SetProtoMethod(t, "setPublicKey", SetPublicKey);
env->SetProtoMethod(t, "setPrivateKey", SetPrivateKey); env->SetProtoMethod(t, "setPrivateKey", SetPrivateKey);
t->InstanceTemplate()->SetAccessor(env->verify_error_string(), t->InstanceTemplate()->SetAccessor(
DiffieHellman::VerifyErrorGetter, env->verify_error_string(),
nullptr, DiffieHellman::VerifyErrorGetter,
env->as_external(), nullptr,
DEFAULT, env->as_external(),
attributes); DEFAULT,
attributes,
AccessorSignature::New(env->isolate(), t));
target->Set(FIXED_ONE_BYTE_STRING(env->isolate(), "DiffieHellman"), target->Set(FIXED_ONE_BYTE_STRING(env->isolate(), "DiffieHellman"),
t->GetFunction()); t->GetFunction());
@ -4333,12 +4334,14 @@ void DiffieHellman::Initialize(Environment* env, Local<Object> target) {
env->SetProtoMethod(t2, "getPublicKey", GetPublicKey); env->SetProtoMethod(t2, "getPublicKey", GetPublicKey);
env->SetProtoMethod(t2, "getPrivateKey", GetPrivateKey); env->SetProtoMethod(t2, "getPrivateKey", GetPrivateKey);
t2->InstanceTemplate()->SetAccessor(env->verify_error_string(), t2->InstanceTemplate()->SetAccessor(
DiffieHellman::VerifyErrorGetter, env->verify_error_string(),
nullptr, DiffieHellman::VerifyErrorGetter,
env->as_external(), nullptr,
DEFAULT, env->as_external(),
attributes); DEFAULT,
attributes,
AccessorSignature::New(env->isolate(), t2));
target->Set(FIXED_ONE_BYTE_STRING(env->isolate(), "DiffieHellmanGroup"), target->Set(FIXED_ONE_BYTE_STRING(env->isolate(), "DiffieHellmanGroup"),
t2->GetFunction()); t2->GetFunction());

24
test/parallel/test-tls-external-accessor.js Normal file
View File

@ -0,0 +1,24 @@
'use strict';
const common = require('../common');
const assert = require('assert');
if (!common.hasCrypto) {
console.log('1..0 # Skipped: missing crypto');
return;
}
// Ensure accessing ._external doesn't hit an assert in the accessor method.
const tls = require('tls');
{
const pctx = tls.createSecureContext().context;
const cctx = Object.create(pctx);
assert.throws(() => cctx._external, /incompatible receiver/);
pctx._external;
}
{
const pctx = tls.createSecurePair().credentials.context;
const cctx = Object.create(pctx);
assert.throws(() => cctx._external, /incompatible receiver/);
pctx._external;
}