X Tutup
The Wayback Machine - https://web.archive.org/web/20210814041832/https://github.com/nodejs/node/pull/38102
Skip to content

/ node

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

crypto: fix crash in CCM mode without data #38102

Closed
wants to merge 2 commits into from
Closed

crypto: fix crash in CCM mode without data #38102

wants to merge 2 commits into from

Conversation

@tniessen
Copy link
Member

@tniessen tniessen commented Apr 5, 2021

OpenSSL requires calling the update function exactly once in CCM mode, and EVP_CTRL_AEAD_GET_TAG will fail if that doesn't happen. We do protect against calling the update function too many times, but calling it zero times isn't really a valid use case, so we never checked that.

Fixes: #38035
@tniessen
crypto: fix crash in CCM mode without data
2fb8caf 
Fixes: #38035
@cjihrig
cjihrig approved these changes Apr 6, 2021
View changes
@tniessen tniessen removed the needs-ci label Apr 6, 2021
@nodejs-github-bot

This comment has been hidden.

Sign in to view
@addaleax
addaleax approved these changes Apr 6, 2021
View changes
@jasnell
jasnell approved these changes Apr 6, 2021
View changes
@nodejs-github-bot

This comment has been hidden.

Sign in to view
@nodejs-github-bot

This comment has been hidden.

Sign in to view
@nodejs-github-bot

This comment has been hidden.

Sign in to view
@nodejs-github-bot

This comment has been hidden.

Sign in to view
@richardlau
Copy link
Member

@richardlau richardlau commented Apr 7, 2021

We've only just enabled testing against a dynamically linked OpenSSL 3 (nodejs/build#2584). The parallel/test-crypto-keygen failure is being addressed by #38136 but the parallel/test-crypto-authenticated is new to this PR.
@tniessen
Copy link
Member Author

@tniessen tniessen commented Apr 7, 2021

@richardlau Right, seems like the error code needs to be conditional here as well... (I guess that also means that we cannot upgrade to OpenSSL 3 in a semver-minor release.)
@tniessen
fixup! crypto: fix crash in CCM mode without data
bc6b530
@nodejs-github-bot
Copy link

@nodejs-github-bot nodejs-github-bot commented Apr 8, 2021

CI: https://ci.nodejs.org/job/node-test-pull-request/37303/
tniessen added a commit that referenced this pull request Apr 8, 2021
@tniessen
crypto: fix crash in CCM mode without data
dfe3f95 
Fixes: #38035

PR-URL: #38102
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: James M Snell <jasnell@gmail.com>
@tniessen
Copy link
Member Author

@tniessen tniessen commented Apr 8, 2021

Landed in dfe3f95, thanks for reviewing.
@tniessen tniessen closed this Apr 8, 2021
@BethGriggs BethGriggs mentioned this pull request Apr 12, 2021
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jasnell jasnell

@addaleax addaleax

@cjihrig cjihrig

Assignees
No one assigned
Labels
author ready c++ crypto dont-land-on-v14.x
Projects
None yet
Milestone
No milestone
Linked issues

Successfully merging this pull request may close these issues.

"cipher.final()" results in an abort
7 participants
@tniessen @nodejs-github-bot @richardlau @jasnell @addaleax @cjihrig @targos
X Tutup