diff options
author | Tobias Nießen <tniessen@tnie.de> | 2018-12-28 16:07:28 +0100 |
---|---|---|
committer | Anna Henningsen <anna@addaleax.net> | 2018-12-30 18:18:40 +0100 |
commit | fe5b8dca40bbd209a319843d907e5ce809add8b4 (patch) | |
tree | 0a361018ebbe5425f4aa7c29c35ef322eb799a87 /src | |
parent | 54fa59c8bf441e4e8c187150f7ffe11680e9ccba (diff) | |
download | android-node-v8-fe5b8dca40bbd209a319843d907e5ce809add8b4.tar.gz android-node-v8-fe5b8dca40bbd209a319843d907e5ce809add8b4.tar.bz2 android-node-v8-fe5b8dca40bbd209a319843d907e5ce809add8b4.zip |
crypto: fix zero byte allocation assertion failure
When an empty string was passed, malloc might have returned a nullptr
depending on the platform, causing an assertion failure. This change
makes private key parsing behave as public key parsing does, causing
a BIO error instead that can be caught in JS.
Fixes: https://github.com/nodejs/node/issues/25247
PR-URL: https://github.com/nodejs/node/pull/25248
Reviewed-By: Ujjwal Sharma <usharma1998@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Diffstat (limited to 'src')
-rw-r--r-- | src/node_crypto.cc | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/src/node_crypto.cc b/src/node_crypto.cc index 201b1815e1..c18432b620 100644 --- a/src/node_crypto.cc +++ b/src/node_crypto.cc @@ -2696,7 +2696,7 @@ static bool IsSupportedAuthenticatedMode(const EVP_CIPHER_CTX* ctx) { template <typename T> static T* MallocOpenSSL(size_t count) { void* mem = OPENSSL_malloc(MultiplyWithOverflowCheck(count, sizeof(T))); - CHECK_NOT_NULL(mem); + CHECK_IMPLIES(mem == nullptr, count == 0); return static_cast<T*>(mem); } @@ -2854,7 +2854,8 @@ static EVPKeyPointer ParsePrivateKey(const PrivateKeyEncodingConfig& config, if (config.format_ == kKeyFormatPEM) { BIOPointer bio(BIO_new_mem_buf(key, key_len)); - CHECK(bio); + if (!bio) + return pkey; char* pass = const_cast<char*>(config.passphrase_.get()); pkey.reset(PEM_read_bio_PrivateKey(bio.get(), @@ -2869,7 +2870,8 @@ static EVPKeyPointer ParsePrivateKey(const PrivateKeyEncodingConfig& config, pkey.reset(d2i_PrivateKey(EVP_PKEY_RSA, nullptr, &p, key_len)); } else if (config.type_.ToChecked() == kKeyEncodingPKCS8) { BIOPointer bio(BIO_new_mem_buf(key, key_len)); - CHECK(bio); + if (!bio) + return pkey; char* pass = const_cast<char*>(config.passphrase_.get()); pkey.reset(d2i_PKCS8PrivateKey_bio(bio.get(), nullptr, |