crypto: prevent Sign::SignFinal from crashing

The validation logic could be tricked into assuming an option was
valid using malicious getters, leading to an invalid value being
passed to the C++ layer, thus crashing the process.

PR-URL: https://github.com/nodejs/node/pull/21815
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Tiancheng "Timothy" Gu <timothygu99@gmail.com>
Reviewed-By: Ujjwal Sharma <usharma1998@gmail.com>
Tobias Nießen 2018-07-14 18:59:39 +02:00
parent 3504850a00
commit 43cc6bc9f3
No known key found for this signature in database
GPG Key ID: 718207F8FD156B70


@ -57,10 +57,11 @@ function getSaltLength(options) {
function getIntOption(name, defaultValue, options) { function getIntOption(name, defaultValue, options) {
if (options.hasOwnProperty(name)) { if (options.hasOwnProperty(name)) {
if (options[name] === options[name] >> 0) { const value = options[name];
return options[name]; if (value === value >> 0) {
return value;
} else { } else {
throw new ERR_INVALID_OPT_VALUE(name, options[name]); throw new ERR_INVALID_OPT_VALUE(name, value);
} }
} }
return defaultValue; return defaultValue;