Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Possible regression with crypto.randomBytes(size, null) #16778

Closed
sehrope opened this issue Nov 5, 2017 · 4 comments
Closed

Possible regression with crypto.randomBytes(size, null) #16778

sehrope opened this issue Nov 5, 2017 · 4 comments
Labels
crypto Issues and PRs related to the crypto subsystem. question Issues that look for answers.

Comments

@sehrope
Copy link

sehrope commented Nov 5, 2017

The crypto.psuedoRandomBytes(...) and crypto.randomBytes(...) functions throw an ERR_INVALID_CALLBACK if the second parameter is null. In prior versions a null value for the second parameter would be treated the same as undefined causing the function to be invoked as if it had been invoked with just one parameter, i.e. crypto.randomBytes(size).

Reproduce via:

$ nvm use 8
Now using node v8.9.0 (npm v5.5.1)
$ node -e "console.log(require('crypto').randomBytes(4, null).toString('hex'))"
ef813d36

$ nvm use 9
Now using node v9.0.0 (npm v5.5.1)
$ node --version
v9.0.0
$ node -e "console.log(require('crypto').randomBytes(4, null).toString('hex'))"
internal/crypto/random.js:44
    throw new errors.TypeError('ERR_INVALID_CALLBACK');
    ^

TypeError [ERR_INVALID_CALLBACK]: Callback must be a function
    at Object.randomBytes (internal/crypto/random.js:44:11)
    at [eval]:1:31
    at ContextifyScript.Script.runInThisContext (vm.js:50:33)
    at Object.runInThisContext (vm.js:152:38)
    at Object.<anonymous> ([eval]-wrapper:6:22)
    at Module._compile (module.js:641:30)
    at evalScript (bootstrap_node.js:470:27)
    at startup (bootstrap_node.js:167:9)
    at bootstrap_node.js:613:3

#16454 introduced the parameter validation change that is causing this.

I'm not sure if this should be considered a regression as the function is being invoked with two arguments (i.e. null where a callback is expected) but I didn't see anything in the changelog about it though so not sure if it was overlooked.
@maclover7
Copy link
Contributor

cc @jasnell

@joyeecheung
Copy link
Member

joyeecheung commented Nov 5, 2017
edited
Loading

Personally I don't think it's a regression because null has never been documented as a valid value for cb, but it worth mentioning in the change log, eventhough it's already semver-major.

@jasnell
Copy link
Member

jasnell commented Nov 5, 2017

Yeah I likely should have called that out in the notable changes because it is hidden. This was actually somewhat intentional to make the type validation tighter.

@mscdex mscdex added crypto Issues and PRs related to the crypto subsystem. question Issues that look for answers. labels Nov 5, 2017
@sehrope
Copy link
Author

sehrope commented Nov 5, 2017

Ok makes sense. I think calling it out explicitly in the changelog would be useful.

@sehrope sehrope mentioned this issue Nov 6, 2017
Closed
@tsauzeau tsauzeau mentioned this issue Nov 20, 2017
Merged
@maustand maustand mentioned this issue Nov 23, 2017
Closed
tniessen added a commit to tniessen/node that referenced this issue Dec 10, 2017
@tniessen
doc: note that randomBytes throws when passed null
0da22bd 
Fixes: nodejs#16778
@tniessen tniessen mentioned this issue Dec 10, 2017
Closed
2 tasks
@sehrope sehrope mentioned this issue Dec 19, 2017
Closed
MylesBorins pushed a commit that referenced this issue Jan 8, 2018
@tniessen @MylesBorins
doc: note that randomBytes throws when passed null
d70e6dc 
Fixes: #16778

PR-URL: #17594
Fixes: #16778
Reviewed-By: Anatoli Papirovski <apapirovski@mac.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
Reviewed-By: Jon Moss <me@jonathanmoss.me>
@svbatalov svbatalov mentioned this issue Nov 8, 2018
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
crypto Issues and PRs related to the crypto subsystem. question Issues that look for answers.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

doc: note that randomBytes throws when passed null tniessen/node
5 participants
@mscdex @jasnell @sehrope @maclover7 @joyeecheung