-
Notifications
You must be signed in to change notification settings - Fork 29.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
src,crypto: fix 0-length output crash in webcrypto #38913
Conversation
@@ -249,7 +249,7 @@ class CipherJob final : public CryptoJob<CipherTraits> { | |||
v8::Local<v8::Value>* result) override { | |||
Environment* env = AsyncWrap::env(); | |||
CryptoErrorStore* errors = CryptoJob<CipherTraits>::errors(); | |||
if (out_.size() > 0) { | |||
if (out_.size() > 0 || errors->Empty()) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
A few lines below, there's this:
if (errors->Empty())
errors->Capture(); // this is unreachable now
CHECK(!errors->Empty());
So, either those lines are not needed, or there is no guarantee that errors->IsEmpty()
will return false
only if no error occurred.
If errors->IsEmpty()
is true if and only if the operation succeeded, then out_.size() > 0
is not a required condition.
If errors->IsEmpty()
is never true
when the operation failed, then the lines below should be removed.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should I move if (errors->Empty()) errors->Capture();
before if (out_.size() > 0)
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think @jasnell might be the best person to ask, but that might be enough to solve the problem. It would make the sanity check CHECK(!errors->Empty())
below useless.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I've moved it above.
/cc @jasnell
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM but I'd appreciate a review from @jasnell due to the error handling dilemma.
/ping @jasnell |
/ping @jasnell |
1 similar comment
/ping @jasnell |
Related failure on
|
How do I mock an environment like this case? |
@XadillaX see nodejs/build#2176 for the instructions that the CI build was based on. |
CHECK(errors->Empty()); | ||
*err = v8::Undefined(env->isolate()); | ||
*result = out_.ToArrayBuffer(env); | ||
return v8::Just(!result->IsEmpty()); | ||
} | ||
|
||
if (errors->Empty()) | ||
errors->Capture(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/ping @jasnell, why here should errors->Capture()
again? Can't we CHECK(!errors->Empty())
directly?
7d4b493
to
46d0c55
Compare
After testing, I found that it's not if (errors->Empty())
errors->Capture(); occurs the error. It failed either with commenting those two lines. |
It seems a problem with Maybe lack of code below (I guess): /*
* CCM mode needs to know about the case where inl == 0 && in == NULL - it
* means the plaintext/ciphertext length is 0
*/
if (inl < 0
|| (inl == 0
&& EVP_CIPHER_mode(ctx->cipher) != EVP_CIPH_CCM_MODE)) {
*outl = 0;
return inl == 0;
} So I will check zero-length in Node.js' source code. |
@tniessen All CI have already passed except commit message due to several |
I suspect it's because UBI 8.1 is outdated and has OpenSSL 1.1.1c (which is several versions behind the current OpenSSL 1.1.1k). I'll add updating the UBI container to UBI 8.4, which has OpenSSL 1.1.1g (which is at least more up to date) to my list of things to do. |
I think it's really a problem. We can make sure that our UBI 8.4 build container use the right openssl sharedlib, but we can't make sure users use the right one. |
src/crypto/crypto_aes.cc
Outdated
// Only `ubi81_sharedlibs_openssl111fips_x64` failed when `in.size()` is zero. | ||
// So we regard 0 as special and DO NOT go into `EVP_CipherUpdate()` logic | ||
// because it will occur failure under `ubi81_sharedlibs_openssl111fips_x64`. | ||
// | ||
// Refs: https://github.com/nodejs/node/pull/38913#issuecomment-866505244 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't know if it's possible to work out which version of OpenSSL 1.1.1 changed the behavior without going through and build/testing against OpenSSL 1.1.1c, 1.1.1d, 1.1.1e etc. but the comment would be a lot better if we could refer to an OpenSSL release rather than a container specific to our build CI.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I've updated the comment and you may review again.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@richardlau btw, I think we should leave at least one outdated OpenSSL CI to discover similar problems.
96b9f19
to
7eb1d04
Compare
src/crypto/crypto_aes.cc
Outdated
// it up. But we still have to regard zero as special in Node.js code to | ||
// prevent old OpenSSL failure. | ||
// | ||
// Refs: https://ci.nodejs.org/job/node-test-commit-linux-containered/nodes=ubi81_sharedlibs_openssl111fips_x64/27534/console |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This link will expire -- build logs are only kept for around two weeks or so.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
done
dcf45a1
to
4986fb9
Compare
Landed in b3d4a2c...8954e03 |
Refs: #38883