crypto, bugfix: specifying a negative size of crypto.randomBytes will…

… cause a segmentation fault, #664 #665

fibjs/src/crypto/crypto.cpp

@@ -104,6 +104,9 @@ result_t crypto_base::loadReq(exlib::string filename, obj_ptr<X509Req_base>& ret
 result_t crypto_base::randomBytes(int32_t size, obj_ptr<Buffer_base>& retVal,
     AsyncEvent* ac)
 {
+    if (size < 1)
+        return CHECK_ERROR(CALL_E_OUTRANGE);
+
     if (ac->isSync())
         return CHECK_ERROR(CALL_E_NOSYNC);
 
@@ -138,6 +141,9 @@ result_t crypto_base::randomBytes(int32_t size, obj_ptr<Buffer_base>& retVal,
 result_t crypto_base::simpleRandomBytes(int32_t size, obj_ptr<Buffer_base>& retVal,
     AsyncEvent* ac)
 {
+    if (size < 1)
+        return CHECK_ERROR(CALL_E_OUTRANGE);
+
     if (ac->isSync())
         return CHECK_ERROR(CALL_E_NOSYNC);
 
@@ -158,6 +164,9 @@ result_t crypto_base::simpleRandomBytes(int32_t size, obj_ptr<Buffer_base>& retV
 result_t crypto_base::pseudoRandomBytes(int32_t size, obj_ptr<Buffer_base>& retVal,
     AsyncEvent* ac)
 {
+    if (size < 1)
+        return CHECK_ERROR(CALL_E_OUTRANGE);
+
     if (ac->isSync())
         return CHECK_ERROR(CALL_E_NOSYNC);
 

test/crypto_test.js

@@ -195,10 +195,26 @@ describe('crypto', () => {
 
     it("random", () => {
         assert.notEqual(crypto.randomBytes(8).hex(), crypto.randomBytes(8).hex());
+
+        assert.throws(() => {
+            crypto.randomBytes(-125);
+        });
+    });
+
+    it("simpleRandomBytes", () => {
+        assert.notEqual(crypto.simpleRandomBytes(8).hex(), crypto.simpleRandomBytes(8).hex());
+
+        assert.throws(() => {
+            crypto.simpleRandomBytes(-125);
+        });
     });
 
     it("pseudoRandomBytes", () => {
         assert.notEqual(crypto.pseudoRandomBytes(8).hex(), crypto.pseudoRandomBytes(8).hex());
+
+        assert.throws(() => {
+            crypto.pseudoRandomBytes(-125);
+        });
     });
 
     it("randomArt", () => {