1berry/nodejs
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

tls: fix error stack conversion in cryptoErrorListToException()

Browse Source 
The ncrypto move introduced regressions in
cryptoErrorListToException() by passing in the size of the
vector unnecessarily into the vector constructor and then use
push_back() (which would result in a crash on dereferencing empty
handles during later iteration) and having incorrect logic for
checking the presence of an exception. This patch fixes it.

PR-URL: https://github.com/nodejs/node/pull/56554
Fixes: https://github.com/nodejs/node/issues/56375
Refs: https://github.com/nodejs/node/pull/53803
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
This commit is contained in:
Joyee Cheung 2025-01-12 21:53:04 +01:00 committed by GitHub
parent 99099d64cb
commit f4fcf0e613
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 23 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
src/crypto/crypto_util.cc
View File

@ -237,7 +237,8 @@ MaybeLocal<Value> cryptoErrorListToException(
if (errors.size() > 1) {
CHECK(exception->IsObject());
Local<Object> exception_obj = exception.As<Object>();
LocalVector<Value> stack(env->isolate(), errors.size() - 1);
LocalVector<Value> stack(env->isolate());
stack.reserve(errors.size() - 1);
// Iterate over all but the last error in the list.
auto current = errors.begin();
@ -255,9 +256,9 @@ MaybeLocal<Value> cryptoErrorListToException(
Local<v8::Array> stackArray =
v8::Array::New(env->isolate(), stack.data(), stack.size());
if (!exception_obj
->Set(env->context(), env->openssl_error_stack(), stackArray)
.IsNothing()) {
if (exception_obj
->Set(env->context(), env->openssl_error_stack(), stackArray)
.IsNothing()) {
return {};
}
}

18
test/parallel/test-tls-error-stack.js Normal file
View File

@ -0,0 +1,18 @@
'use strict';
// This tests that the crypto error stack can be correctly converted.
const common = require('../common');
if (!common.hasCrypto)
common.skip('missing crypto');
const assert = require('assert');
const tls = require('tls');
assert.throws(() => {
tls.createSecureContext({ clientCertEngine: 'x' });
}, (err) => {
return err.name === 'Error' &&
/could not load the shared library/.test(err.message) &&
Array.isArray(err.opensslErrorStack) &&
err.opensslErrorStack.length > 0;
});