Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

crypto: random value issues v15 #35722

Closed
panva opened this issue Oct 20, 2020 · 3 comments
Closed

crypto: random value issues v15 #35722

panva opened this issue Oct 20, 2020 · 3 comments

Comments

@panva
Copy link
Member

@panva panva commented Oct 20, 2020

  • Version: v15.0.0
  • Platform: Darwin C02CX0K5MD6V 19.6.0 Darwin Kernel Version 19.6.0: Mon Aug 31 22:12:52 PDT 2020; root:xnu-6153.141.2~1/RELEASE_X86_64 x86_64
  • Subsystem: crypto

What steps will reproduce the bug?

const crypto = require('crypto')

console.log(crypto.randomFillSync(Buffer.allocUnsafe(16)));

How often does it reproduce? Is there a required condition?

What is the expected behavior?

Buffer gets logged with random values

What do you see instead?

Buffer gets logged with only zeroes

Additional information

Screenshot 2020-10-20 at 18 19 54

@targos
Copy link
Member

@targos targos commented Oct 20, 2020

@richardlau
Copy link
Member

@richardlau richardlau commented Oct 20, 2020

Seems to fail on the current master branch (6b6bbfe) too.

jasnell added a commit to jasnell/node that referenced this issue Oct 20, 2020
Signed-off-by: James M Snell <jasnell@gmail.com>

Fixes: nodejs#35722
@ai
Copy link

@ai ai commented Oct 21, 2020

Potentially it can be a huge security issue.

BethGriggs pushed a commit that referenced this issue Oct 21, 2020
Signed-off-by: James M Snell <jasnell@gmail.com>

Fixes: #35722
PR-URL: #35723
Reviewed-By: Сковорода Никита Андреевич <chalkerx@gmail.com>
Reviewed-By: Myles Borins <myles.borins@gmail.com>
Reviewed-By: Evan Lucas <evanlucas@me.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com>
Reviewed-By: Beth Griggs <bgriggs@redhat.com>
BethGriggs pushed a commit that referenced this issue Oct 21, 2020
Notable changes:

- **crypto**: fix regression on randomFillSync (James M Snell)
  (#35723)
  * This fixes issue #35722.
- **doc**: add release key for Danielle Adams (Danielle Adams)
  (#35545)

PR-URL: #35736
BethGriggs pushed a commit that referenced this issue Oct 21, 2020
Notable changes:

- **crypto**: fix regression on randomFillSync (James M Snell)
  (#35723)
  - This fixes issue #35722.
- **deps**: upgrade npm to 7.0.3 (Ruy Adorno)
  (#35724)
- **doc**: add release key for Danielle Adams (Danielle Adams)
  (#35545)

PR-URL: #35736
BethGriggs pushed a commit that referenced this issue Oct 21, 2020
Notable changes:

- **crypto**: fix regression on randomFillSync (James M Snell)
  (#35723)
  - This fixes issue #35722.
- **deps**: upgrade npm to 7.0.3 (Ruy Adorno)
  (#35724)
- **doc**: add release key for Danielle Adams (Danielle Adams)
  (#35545)

PR-URL: #35736
BethGriggs pushed a commit that referenced this issue Oct 21, 2020
Notable changes:

- **crypto**: fix regression on randomFillSync (James M Snell)
  (#35723)
  - This fixes issue #35722.
- **deps**: upgrade npm to 7.0.3 (Ruy Adorno)
  (#35724)
- **doc**: add release key for Danielle Adams (Danielle Adams)
  (#35545)

PR-URL: #35736
achingbrain added a commit to ipfs/js-ipfs that referenced this issue Oct 22, 2020
nodejs/node#35722 has been released so re-enable testing on node 15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
6 participants
@ai @panva @addaleax @targos @richardlau and others