1berry/nodejs
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

crypto: fix zero byte allocation assertion failure

Browse Source 
When an empty string was passed, malloc might have returned a nullptr
depending on the platform, causing an assertion failure. This change
makes private key parsing behave as public key parsing does, causing
a BIO error instead that can be caught in JS.

Fixes: https://github.com/nodejs/node/issues/25247

PR-URL: https://github.com/nodejs/node/pull/25248
Reviewed-By: Ujjwal Sharma <usharma1998@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
This commit is contained in:
Tobias Nießen 2018-12-28 16:07:28 +01:00 committed by Anna Henningsen
parent 54fa59c8bf
commit fe5b8dca40
No known key found for this signature in database
GPG Key ID: 9C63F3A6CD2AD8F9
2 changed files with 12 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/node_crypto.cc
View File

@ -2696,7 +2696,7 @@ static bool IsSupportedAuthenticatedMode(const EVP_CIPHER_CTX* ctx) {
template <typename T> template <typename T>
static T* MallocOpenSSL(size_t count) { static T* MallocOpenSSL(size_t count) {
void* mem = OPENSSL_malloc(MultiplyWithOverflowCheck(count, sizeof(T))); void* mem = OPENSSL_malloc(MultiplyWithOverflowCheck(count, sizeof(T)));
CHECK_NOT_NULL(mem); CHECK_IMPLIES(mem == nullptr, count == 0);
return static_cast<T*>(mem); return static_cast<T*>(mem);
} }
@ -2854,7 +2854,8 @@ static EVPKeyPointer ParsePrivateKey(const PrivateKeyEncodingConfig& config,
if (config.format_ == kKeyFormatPEM) { if (config.format_ == kKeyFormatPEM) {
BIOPointer bio(BIO_new_mem_buf(key, key_len)); BIOPointer bio(BIO_new_mem_buf(key, key_len));
CHECK(bio); if (!bio)
return pkey;
char* pass = const_cast<char*>(config.passphrase_.get()); char* pass = const_cast<char*>(config.passphrase_.get());
pkey.reset(PEM_read_bio_PrivateKey(bio.get(), pkey.reset(PEM_read_bio_PrivateKey(bio.get(),
@ -2869,7 +2870,8 @@ static EVPKeyPointer ParsePrivateKey(const PrivateKeyEncodingConfig& config,
pkey.reset(d2i_PrivateKey(EVP_PKEY_RSA, nullptr, &p, key_len)); pkey.reset(d2i_PrivateKey(EVP_PKEY_RSA, nullptr, &p, key_len));
} else if (config.type_.ToChecked() == kKeyEncodingPKCS8) { } else if (config.type_.ToChecked() == kKeyEncodingPKCS8) {
BIOPointer bio(BIO_new_mem_buf(key, key_len)); BIOPointer bio(BIO_new_mem_buf(key, key_len));
CHECK(bio); if (!bio)
return pkey;
char* pass = const_cast<char*>(config.passphrase_.get()); char* pass = const_cast<char*>(config.passphrase_.get());
pkey.reset(d2i_PKCS8PrivateKey_bio(bio.get(), pkey.reset(d2i_PKCS8PrivateKey_bio(bio.get(),
nullptr, nullptr,

7
test/parallel/test-crypto-key-objects.js
View File

@ -105,3 +105,10 @@ const privatePem = fixtures.readSync('test_rsa_privkey.pem', 'ascii');
} }
} }
} }
{
// This should not cause a crash: https://github.com/nodejs/node/issues/25247
assert.throws(() => {
createPrivateKey({ key: '' });
}, /null/);
}