-
Notifications
You must be signed in to change notification settings - Fork 30.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
crypto: add missing null check #40598
Conversation
@jasnell not sure if a blank error message like I've used is the best we can do or if it would be good to say something like "failed to get message for error". What do you think? |
I don't think we should fall back to the empty string here. |
Something like "Unknown error" or "Unspecified error" may work. But yeah, the empty string is not ideal |
@@ -1037,6 +1037,8 @@ void SecureContext::LoadPKCS12(const FunctionCallbackInfo<Value>& args) { | |||
// TODO(@jasnell): Should this use ThrowCryptoError? | |||
unsigned long err = ERR_get_error(); // NOLINT(runtime/int) | |||
const char* str = ERR_reason_error_string(err); | |||
str = str != nullptr ? str : "Unknown error"; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ERR_reason_error_string
should only return nullptr
if ERR_get_error
returned 0
, indicating no error.
If there is a guarantee that ERR_get_error
will not return 0
, this should probably be a CHECK_NOT_NULL(str)
instead. (But I don't know if that's the case.)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@tniessen I did wonder about that, but I checked other places that ERR_reason_error_string was called in the Node.js code base and in those places (I think there were 2 others) the code did a nullptr check.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
Looking at the CI job 41147 all jobs passed including the one that the checks on the PR show as failed. Not sure why that is but since CI is green will land. |
Add null check before using result of ERR_reason_error_string. Coverity reported as an issue and we seem to do a null check in other places we call the function. Signed-off-by: Michael Dawson <mdawson@devrus.com> PR-URL: #40598 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
Landed in 8e7fd72 |
Add null check before using result of ERR_reason_error_string. Coverity reported as an issue and we seem to do a null check in other places we call the function. Signed-off-by: Michael Dawson <mdawson@devrus.com> PR-URL: #40598 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
Add null check before using result of ERR_reason_error_string. Coverity reported as an issue and we seem to do a null check in other places we call the function. Signed-off-by: Michael Dawson <mdawson@devrus.com> PR-URL: #40598 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
Add null check before using result of ERR_reason_error_string. Coverity reported as an issue and we seem to do a null check in other places we call the function. Signed-off-by: Michael Dawson <mdawson@devrus.com> PR-URL: #40598 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
Add null check before using result of ERR_reason_error_string. Coverity reported as an issue and we seem to do a null check in other places we call the function. Signed-off-by: Michael Dawson <mdawson@devrus.com> PR-URL: #40598 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
Add null check before using result of
ERR_reason_error_string. Coverity reported as an issue
and we seem to do a null check in other places we call
the function.
Signed-off-by: Michael Dawson mdawson@devrus.com