check for overflow in js_talercrypto_hash_argon2id - quickjs-tart - quickjs-based runtime for wallet-core logic

commit a14ef3ecc9b7564bc12245a080e83e4092f6f29e
parent 36e7fabe75facc704e0e53e882a0f5c0cb6625c9
Author: Florian Dold <florian@dold.me>
Date:   Tue,  3 Jun 2025 21:13:41 +0200

check for overflow in js_talercrypto_hash_argon2id

Issue: https://bugs.taler.net/n/9951

Diffstat:
M tart_module.c  | 6 ++++++

1 file changed, 6 insertions(+), 0 deletions(-)
diff --git a/tart_module.c b/tart_module.c
@@ -507,6 +507,12 @@ static JSValue js_talercrypto_hash_argon2id(JSContext *ctx, JSValue this_val,
         goto exception;
     }
 
+    // Check for overflow when converting memory size to bytes
+    if (((unsigned long long)mem_size * 1024) > UINT32_MAX) {
+        JS_ThrowTypeError(ctx, "mem_size too large");
+        goto exception;
+    }
+
     hash = malloc(hash_len);
     if (NULL == hash) {
       goto exception;

	quickjs-tart quickjs-based runtime for wallet-core logic
	Log \| Files \| Refs \| README \| LICENSE