Skip to content

Commit

Permalink
crypto: prevent Sign::SignFinal from crashing
Browse files Browse the repository at this point in the history 
The validation logic could be tricked into assuming an option was
valid using malicious getters, leading to an invalid value being
passed to the C++ layer, thus crashing the process.

PR-URL: #21815
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Tiancheng "Timothy" Gu <timothygu99@gmail.com>
Reviewed-By: Ujjwal Sharma <usharma1998@gmail.com>
  • Loading branch information
@tniessen
tniessen committed Jul 17, 2018
1 parent 3504850 commit 43cc6bc
Showing 1 changed file with 4 additions and 3 deletions.
7 changes: 4 additions & 3 deletions lib/internal/crypto/sig.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -57,10 +57,11 @@ function getSaltLength(options) {

function getIntOption(name, defaultValue, options) {
if (options.hasOwnProperty(name)) {
if (options[name] === options[name] >> 0) {
return options[name];
const value = options[name];
if (value === value >> 0) {
return value;
} else {
throw new ERR_INVALID_OPT_VALUE(name, options[name]);
throw new ERR_INVALID_OPT_VALUE(name, value);
}
}
return defaultValue;
Expand Down

0 comments on commit 43cc6bc

Please sign in to comment.