Skip to content

Commit

Permalink
src: replace unreachable code with static_assert
Browse files Browse the repository at this point in the history
This function base64-decodes a given JavaScript string to obtain the
secret key, whose length must not exceed INT_MAX. However, because
JavaScript strings are limited to v8::String::kMaxLength chars and
because base64 decoding never yields more bytes than input chars, the
size of the decoded key must be strictly less than
v8::String::kMaxLength bytes. Therefore, it is sufficient to statically
assert that String::kMaxLength <= INT_MAX (which is always true because
String::kMaxLength itself is an int).

Aside from being unreachable, Coverity considers the current code
"suspicious" because it indicates that buffers larger than INT_MAX might
actually be allocated.

PR-URL: #46209
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Minwoo Jung <nodecorelab@gmail.com>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
  • Loading branch information
tniessen authored and juanarbol committed Jan 31, 2023
1 parent 3e70b7d commit 94605b1
Showing 1 changed file with 1 addition and 5 deletions.
6 changes: 1 addition & 5 deletions src/crypto/crypto_keys.cc
Original file line number Diff line number Diff line change
Expand Up @@ -479,12 +479,8 @@ std::shared_ptr<KeyObjectData> ImportJWKSecretKey(
return std::shared_ptr<KeyObjectData>();
}

static_assert(String::kMaxLength <= INT_MAX);
ByteSource key_data = ByteSource::FromEncodedString(env, key.As<String>());
if (key_data.size() > INT_MAX) {
THROW_ERR_CRYPTO_INVALID_KEYLEN(env);
return std::shared_ptr<KeyObjectData>();
}

return KeyObjectData::CreateSecret(std::move(key_data));
}

Expand Down

0 comments on commit 94605b1

Please sign in to comment.