Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

crypto.scrypt results in an abort #38381

Closed
zyscoder opened this issue Apr 24, 2021 · 0 comments
Closed

crypto.scrypt results in an abort #38381

zyscoder opened this issue Apr 24, 2021 · 0 comments
Labels
confirmed-bug Issues with confirmed bugs. crypto Issues and PRs related to the crypto subsystem.

Comments

@zyscoder
Copy link

What steps will reproduce the bug?

Setup a node instance,

» node

and run the following javascript code.

crypto = require('crypto');crypto.scrypt('','',2147485780,(err,derivedKey)=>{});

Then the node instance occurs an abort.

How often does it reproduce? Is there a required condition?

This abort can always be triggered following the steps above.

What is the expected behavior?

If any error occurs, an exception or other similar error-reporting stuff should be thrown. There is no reason to abort the whole node process.

What do you see instead?

» node
Welcome to Node.js v16.0.0-pre.
Type ".help" for more information.
> crypto = require('crypto');crypto.scrypt('','',2147485780,(err,derivedKey)=>{});
/home/zys/Toolchains/node/node[209342]: ../src/crypto/crypto_scrypt.cc:90:static v8::Maybe<bool> node::crypto::ScryptTraits::AdditionalConfig(node::crypto::CryptoJobMode, const v8::FunctionCallbackInfo<v8::Value>&, unsigned int, node::crypto::ScryptConfig*): Assertion `args[offset + 6]->IsInt32()' failed.
 1: 0x562ea70e1af4 node::Abort() [/home/zys/Toolchains/node/node]
 2: 0x562ea70e1b88  [/home/zys/Toolchains/node/node]
 3: 0x562ea729fc2c node::crypto::ScryptTraits::AdditionalConfig(node::crypto::CryptoJobMode, v8::FunctionCallbackInfo<v8::Value> const&, unsigned int, node::crypto::ScryptConfig*) [/home/zys/Toolchains/node/node]
 4: 0x562ea72b33ad node::crypto::DeriveBitsJob<node::crypto::ScryptTraits>::New(v8::FunctionCallbackInfo<v8::Value> const&) [/home/zys/Toolchains/node/node]
 5: 0x562ea7360167 v8::internal::FunctionCallbackArguments::Call(v8::internal::CallHandlerInfo) [/home/zys/Toolchains/node/node]
 6: 0x562ea7360be2  [/home/zys/Toolchains/node/node]
 7: 0x562ea73614ad  [/home/zys/Toolchains/node/node]
 8: 0x562ea736179a v8::internal::Builtin_HandleApiCall(int, unsigned long*, v8::internal::Isolate*) [/home/zys/Toolchains/node/node]
 9: 0x562ea7cff259  [/home/zys/Toolchains/node/node]
[1]    209342 abort (core dumped)  /home/zys/Toolchains/node/node

Additional information
@Ayase-252 Ayase-252 added confirmed-bug Issues with confirmed bugs. crypto Issues and PRs related to the crypto subsystem. labels Apr 24, 2021
aduh95 added a commit to aduh95/node that referenced this issue Apr 24, 2021
@aduh95
crypto: fix scrypt keylen validation
13e5047 
Fixes: nodejs#38381
@aduh95 aduh95 mentioned this issue Apr 24, 2021
Closed
targos pushed a commit that referenced this issue Apr 29, 2021
@aduh95 @targos
crypto: fix scrypt keylen validation
c1d9b5b 
Fixes: #38381

PR-URL: #38385
Reviewed-By: Nitzan Uziely <[email protected]>
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
Reviewed-By: Juan José Arboleda <[email protected]>
Reviewed-By: Zijian Liu <[email protected]>
Reviewed-By: Darshan Sen <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
confirmed-bug Issues with confirmed bugs. crypto Issues and PRs related to the crypto subsystem.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

crypto: fix scrypt keylen validation aduh95/node
2 participants
@Ayase-252 @zyscoder