Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

crypto.pbkdf2 with an keylen too long crashes in a segfalt #5396

Closed
calvinmetcalf opened this issue Feb 23, 2016 · 5 comments
Closed

crypto.pbkdf2 with an keylen too long crashes in a segfalt #5396

calvinmetcalf opened this issue Feb 23, 2016 · 5 comments
Labels
crypto Issues and PRs related to the crypto subsystem.

Comments

@calvinmetcalf
Copy link
Contributor

in node 4.1.2 and latter calling

crypto.pbkdf2('password','salt', 1, 4073741824, function(err, resp){console.log(err, resp)});

causes node to crash with the message

Segmentation fault: 11

node 4.1.1 and earlier throw a TypeError: Bad key length

browserify/pbkdf2#22

I suspect this commit 4c8d96b is to blame
@mscdex mscdex added the crypto Issues and PRs related to the crypto subsystem. label Feb 23, 2016
@indutny
Copy link
Member

indutny commented Feb 23, 2016

Fix is coming in a bit.

@indutny
Copy link
Member

indutny commented Feb 23, 2016

cc @nodejs/crypto

indutny added a commit to indutny/io.js that referenced this issue Feb 23, 2016
@indutny
crypto: PBKDF2 works with int not ssize_t
d924513 
Change types of all PBKDF2 params to `int` as they are `int` in `evp.h`.

Check that `raw_keylen` fits into `int` before passing it to OpenSSL.

Fix: nodejs#5396
@calvinmetcalf
Copy link
Contributor Author

thanks!

@indutny indutny mentioned this issue Feb 23, 2016
Closed
4 tasks
@indutny
Copy link
Member

indutny commented Feb 23, 2016

Should be fixed by #5397

@dcousens
Copy link

Cheers for following this up @calvinmetcalf / @indutny.

@indutny indutny closed this as completed in da3f425 Mar 1, 2016
Fishrock123 pushed a commit that referenced this issue Mar 2, 2016
@indutny @Fishrock123
crypto: PBKDF2 works with int not ssize_t
88f3935 
Change types of all PBKDF2 params to `int` as they are `int` in `evp.h`.

Check that `raw_keylen` fits into `int` before passing it to OpenSSL.

Fix: #5396
PR-URL: #5397
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>
Reviewed-By: Ben Noorhduis <info@bnoordhuis.nl>

Conflicts:
	test/parallel/test-crypto-pbkdf2.js
MylesBorins pushed a commit that referenced this issue Mar 17, 2016
@indutny
crypto: PBKDF2 works with int not ssize_t
2539ade 
Change types of all PBKDF2 params to `int` as they are `int` in `evp.h`.

Check that `raw_keylen` fits into `int` before passing it to OpenSSL.

Fix: #5396
PR-URL: #5397
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>
Reviewed-By: Ben Noorhduis <info@bnoordhuis.nl>
MylesBorins pushed a commit that referenced this issue Mar 21, 2016
@indutny
crypto: PBKDF2 works with int not ssize_t
97e95d0 
Change types of all PBKDF2 params to `int` as they are `int` in `evp.h`.

Check that `raw_keylen` fits into `int` before passing it to OpenSSL.

Fix: #5396
PR-URL: #5397
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>
Reviewed-By: Ben Noorhduis <info@bnoordhuis.nl>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
crypto Issues and PRs related to the crypto subsystem.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

crypto: PBKDF2 works with int not ssize_t indutny/io.js
4 participants
@mscdex @indutny @dcousens @calvinmetcalf