Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

crypto: check SecureContext existence #16964

Closed
wants to merge 1 commit into from
Closed

crypto: check SecureContext existence #16964

wants to merge 1 commit into from

Conversation

sam-github
Copy link
Contributor

SecureContext should always be present, CHECK() it, on theory an explicit crash is better than one due to null pointer deref (if that is even reachable).

@cjihrig @bnoordhuis ?

Fix:

*** CID 179169: Null pointer dereferences (NULL_RETURNS)
/src/node_crypto.cc: 1353 in node::crypto::SecureContext::SetClientCertEngine(const v8::FunctionCallbackInfov8::Value &)()
1347
1348 // SSL_CTX_set_client_cert_engine does not itself support multiple
1349 // calls by cleaning up before overwriting the client_cert_engine
1350 // internal context variable.
1351 // Instead of trying to fix up this problem we in turn also do not
1352 // support multiple calls to SetClientCertEngine.

CID 179169:  Null pointer dereferences  (NULL_RETURNS)
Dereferencing a null pointer "sc".

1353 if (sc->client_cert_engine_provided_) {
1354 return env->ThrowError(
1355 "Multiple calls to SetClientCertEngine are not allowed");
1356 }
1357
1358 const node::Utf8Value engine_id(env->isolate(), args[0]);

Checklist
  • make -j4 test (UNIX), or vcbuild test (Windows) passes
  • tests and/or benchmarks are included
  • documentation is changed or added
  • commit message follows commit guidelines
Affected core subsystem(s)

@nodejs-github-bot nodejs-github-bot added c++ Issues and PRs that require attention from people who are familiar with C++. crypto Issues and PRs related to the crypto subsystem. labels Nov 12, 2017
addaleax
addaleax approved these changes Nov 12, 2017
View reviewed changes
Copy link
Member

@addaleax addaleax left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

By the way, we usually prefer explicit nullptr checks, i.e. CHECK_NE(sc, nullptr);

@sam-github
Copy link
Contributor Author

Hah, can you tell we're in the same timezone still, Anna? :-)

@sam-github
crypto: check SecureContext existence
8fbbb34 
Fix:

	*** CID 179169:  Null pointer dereferences  (NULL_RETURNS)
	/src/node_crypto.cc: 1353 in node::crypto::SecureContext::SetClientCertEngine(const v8::FunctionCallbackInfo<v8::Value> &)()
	1347
	1348       // SSL_CTX_set_client_cert_engine does not itself support multiple
	1349       // calls by cleaning up before overwriting the client_cert_engine
	1350       // internal context variable.
	1351       // Instead of trying to fix up this problem we in turn also do not
	1352       // support multiple calls to SetClientCertEngine.
	>>>     CID 179169:  Null pointer dereferences  (NULL_RETURNS)
	>>>     Dereferencing a null pointer "sc".
	1353       if (sc->client_cert_engine_provided_) {
	1354         return env->ThrowError(
	1355             "Multiple calls to SetClientCertEngine are not allowed");
	1356       }
	1357
	1358       const node::Utf8Value engine_id(env->isolate(), args[0]);
@sam-github
Copy link
Contributor Author

Rewrote as CHECK_NE(), will redo PR test later, I'm about to fly home.

@addaleax
Copy link
Member

@sam-github have a safe trip home!

@bnoordhuis
Copy link
Member

Oh, hah... #16965. Guess I should have checked my github notifications first.

ASSIGN_OR_RETURN_UNWRAP() is the right thing to use here.

@bnoordhuis bnoordhuis mentioned this pull request Nov 12, 2017
Closed
4 tasks
@bnoordhuis
Copy link
Member

I went ahead and landed #16965 (commit 6c76140.) Thanks anyway, Sam.

@bnoordhuis bnoordhuis closed this Nov 15, 2017
@sam-github sam-github deleted the check-crypto-ctx-pointer branch November 15, 2017 13:56
@sam-github
Copy link
Contributor Author

No problem, thanks Ben.

@snyk-bot snyk-bot mentioned this pull request Mar 18, 2020
Open
@snyk-bot snyk-bot mentioned this pull request Apr 1, 2020
Open
@kissofire kissofire mentioned this pull request Mar 7, 2021
Open
@meghasfdc meghasfdc mentioned this pull request Mar 8, 2021
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cjihrig cjihrig cjihrig approved these changes

@addaleax addaleax addaleax approved these changes

@jasnell jasnell jasnell approved these changes

Assignees
No one assigned
Labels
c++ Issues and PRs that require attention from people who are familiar with C++. crypto Issues and PRs related to the crypto subsystem.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@sam-github @addaleax @bnoordhuis @jasnell @cjihrig @nodejs-github-bot