Skip to content

Commit

Permalink
src: fix abort in pbkdf2
Browse files Browse the repository at this point in the history
Fixes: #38341

PR-URL: #38354
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
  • Loading branch information
tniessen authored and panva committed Apr 24, 2021
1 parent 767d91b commit 81d7e80
Show file tree
Hide file tree
Showing 2 changed files with 15 additions and 9 deletions.
12 changes: 3 additions & 9 deletions src/crypto/crypto_pbkdf2.cc
Original file line number Diff line number Diff line change
Expand Up @@ -92,26 +92,20 @@ Maybe<bool> PBKDF2Traits::AdditionalConfig(

params->iterations = args[offset + 2].As<Int32>()->Value();
if (params->iterations < 0) {
char msg[1024];
snprintf(msg, sizeof(msg), "iterations must be <= %d", INT_MAX);
THROW_ERR_OUT_OF_RANGE(env, msg);
THROW_ERR_OUT_OF_RANGE(env, "iterations must be <= %d", INT_MAX);
return Nothing<bool>();
}

params->length = args[offset + 3].As<Int32>()->Value();
if (params->length < 0) {
char msg[1024];
snprintf(msg, sizeof(msg), "length must be <= %d", INT_MAX);
THROW_ERR_OUT_OF_RANGE(env, msg);
THROW_ERR_OUT_OF_RANGE(env, "length must be <= %d", INT_MAX);
return Nothing<bool>();
}

Utf8Value name(args.GetIsolate(), args[offset + 4]);
params->digest = EVP_get_digestbyname(*name);
if (params->digest == nullptr) {
char errmsg[1024];
snprintf(errmsg, sizeof(errmsg), "Invalid digest: %s", *name);
THROW_ERR_CRYPTO_INVALID_DIGEST(env, errmsg);
THROW_ERR_CRYPTO_INVALID_DIGEST(env, "Invalid digest: %s", *name);
return Nothing<bool>();
}

Expand Down
12 changes: 12 additions & 0 deletions test/parallel/test-crypto-pbkdf2.js
Original file line number Diff line number Diff line change
Expand Up @@ -231,3 +231,15 @@ if (!common.hasOpenSSL3) {
runPBKDF2(new Uint8Array(10), 'salt', 8, 8, hash);
});
}

{
// This should not crash.
assert.throws(
() => crypto.pbkdf2Sync('1', '2', 1, 1, '%'),
{
code: 'ERR_CRYPTO_INVALID_DIGEST',
name: 'TypeError',
message: 'Invalid digest: %'
}
);
}

0 comments on commit 81d7e80

Please sign in to comment.