Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

src: use automatic memory mgmt in SecretKeyGen #44479

Conversation

tniessen
Copy link
Member

@tniessen tniessen commented Sep 1, 2022

Avoid manual memory management (i.e., calling MallocOpenSSL). This leaves less room for memory leaks and other bugs.

The import bit here is using ByteSource::Builder (see #43202).

Avoid manual memory management (i.e., calling MallocOpenSSL). This
leaves less room for memory leaks and other bugs.
@tniessen tniessen added the c++ Issues and PRs that require attention from people who are familiar with C++. label Sep 1, 2022
@nodejs-github-bot
Copy link
Collaborator

Review requested:

  • @nodejs/crypto

@nodejs-github-bot nodejs-github-bot added crypto Issues and PRs related to the crypto subsystem. needs-ci PRs that need a full CI run. labels Sep 1, 2022
@tniessen tniessen added review wanted PRs that need reviews. request-ci Add this label to start a Jenkins CI on a PR. labels Sep 4, 2022
@github-actions github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label Sep 4, 2022
@nodejs-github-bot

This comment was marked as outdated.

@nodejs-github-bot
Copy link
Collaborator

@tniessen
Copy link
Member Author

tniessen commented Sep 5, 2022

cc @nodejs/cpp-reviewers

@tniessen tniessen added the author ready PRs that have at least one approval, no pending requests for changes, and a CI started. label Sep 5, 2022
@tniessen tniessen added the commit-queue Add this label to land a pull request using GitHub Actions. label Sep 5, 2022
@nodejs-github-bot nodejs-github-bot removed the commit-queue Add this label to land a pull request using GitHub Actions. label Sep 5, 2022
@nodejs-github-bot nodejs-github-bot merged commit 1f54fc2 into nodejs:main Sep 5, 2022
@nodejs-github-bot
Copy link
Collaborator

Landed in 1f54fc2

Fyko pushed a commit to Fyko/node that referenced this pull request Sep 15, 2022
Avoid manual memory management (i.e., calling MallocOpenSSL). This
leaves less room for memory leaks and other bugs.

PR-URL: nodejs#44479
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
@RafaelGSS
Copy link
Member

It didn't land cleanly on v18.x. This PR conflicts with a security change in the same method (

params->out = MallocOpenSSL<char>(params->length);
).

@RafaelGSS RafaelGSS added the backport-requested-v18.x PRs awaiting manual backport to the v18.x-staging branch. label Sep 26, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
author ready PRs that have at least one approval, no pending requests for changes, and a CI started. backport-requested-v18.x PRs awaiting manual backport to the v18.x-staging branch. c++ Issues and PRs that require attention from people who are familiar with C++. crypto Issues and PRs related to the crypto subsystem. needs-ci PRs that need a full CI run. review wanted PRs that need reviews.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

6 participants