diff options
| author | Ben Noordhuis <info@bnoordhuis.nl> | 2019-08-20 14:10:42 +0200 |
|---|---|---|
| committer | Rich Trott <rtrott@gmail.com> | 2019-08-22 21:35:09 -0700 |
| commit | ceace1f96eb0862a2944bc38c2e897974169f622 (patch) | |
| tree | 2bf94f1c096c58eda11e6b7259565b097a0c295f /src/node_crypto.cc | |
| parent | 6726f567d7110c0e3f402babb6e0bbdfd2a97156 (diff) | |
| download | android-node-v8-ceace1f96eb0862a2944bc38c2e897974169f622.tar.gz android-node-v8-ceace1f96eb0862a2944bc38c2e897974169f622.tar.bz2 android-node-v8-ceace1f96eb0862a2944bc38c2e897974169f622.zip | |
crypto: handle i2d_SSL_SESSION() error return
i2d_SSL_SESSION() can return a value <= 0 when the session is malformed
or otherwise invalid. Handle that case.
This change comes without a regression test because I couldn't figure
out a good way to generate an existing but invalid session in a timely
fashion.
Fixes: https://github.com/nodejs/node/issues/29202
PR-URL: https://github.com/nodejs/node/pull/29225
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: James M Snell <jasnell@gmail.com>
Diffstat (limited to 'src/node_crypto.cc')
| -rw-r--r-- | src/node_crypto.cc | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/src/node_crypto.cc b/src/node_crypto.cc index de301d77c2..5634d8b1dc 100644 --- a/src/node_crypto.cc +++ b/src/node_crypto.cc @@ -2317,11 +2317,12 @@ void SSLWrap<Base>::GetSession(const FunctionCallbackInfo<Value>& args) { return; int slen = i2d_SSL_SESSION(sess, nullptr); - CHECK_GT(slen, 0); + if (slen <= 0) + return; // Invalid or malformed session. AllocatedBuffer sbuf = env->AllocateManaged(slen); unsigned char* p = reinterpret_cast<unsigned char*>(sbuf.data()); - i2d_SSL_SESSION(sess, &p); + CHECK_LT(0, i2d_SSL_SESSION(sess, &p)); args.GetReturnValue().Set(sbuf.ToBuffer().ToLocalChecked()); } |