Turn a `CHECK()` that could be brought to fail using public APIs
into throwing an error.
Fixes: https://github.com/nodejs/node/issues/12152
PR-URL: https://github.com/nodejs/node/pull/12753
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Timothy Gu <timothygu99@gmail.com>
Reviewed-By: Refael Ackermann <refack@gmail.com>
While reading through node_crypto.cc I think the code could perhaps
be be a made a little clearer if CryptPemCallback was renamed.
I admit that I'm very new to the code base and openssl but having a
name like PasswordCallback or something similar would have helped me
so I'm suggesting this change.
PR-URL: https://github.com/nodejs/node/pull/12787
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Throw `Error`s instead of hard crashing when the `.digest()` output
encoding is UTF-16.
Fixes: https://github.com/nodejs/node/issues/9817
PR-URL: https://github.com/nodejs/node/pull/12752
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com>
Check that invoking a callback on a receiver from a different context
works.
It ran afoul of an `env->context() == isolate->GetCurrentContext()`
assertion so retrieve the environment from the callback context and
the context to enter from the environment's context() method.
We could also have retrieved the environment from the receiver's context
and that would have made little practical difference. It just seemed
more correct to get it from the callback context because that is the
actual execution context.
PR-URL: https://github.com/nodejs/node/pull/9221
Reviewed-By: Anna Henningsen <anna@addaleax.net>
It's only used once at startup in a single place so create the string
in place instead of caching it for the lifetime of the isolate.
PR-URL: https://github.com/nodejs/node/pull/9213
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Functions that call `ECDH::BufferToPoint` were not clearing the
error stack on failure, so an invalid key could leave leftover
error state and cause subsequent (unrelated) signing operations
to fail.
PR-URL: https://github.com/nodejs/node/pull/13275
Backport-PR-URL: https://github.com/nodejs/node/pull/13397
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
This is a partial backport of semver-patch bits of
9e4660b518.
This commit fixes the Node process crashing when constructors of classes
of the zlib module are given invalid options.
* Throw an Error when the zlib library rejects the value of windowBits,
instead of crashing with an assertion.
* Treat windowBits and memLevel options consistently with other ones and
don't crash when non-numeric values are given.
PR-URL: https://github.com/nodejs/node/pull/13098
Backport-PR-URL: https://github.com/nodejs/node/pull/13201
Fixes: https://github.com/nodejs/node/issues/13082
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
This is a security release. All Node.js users should consult the
security release summary at:
https://nodejs.org/en/blog/vulnerability/july-2017-security-releases/
for details on patched vulnerabilities.
Notable Changes:
* build:
- Disable V8 snapshots - The hashseed embedded in the snapshot is
currently the same for all runs of the binary. This opens node
up to collision attacks which could result in a Denial of Service.
We have temporarily disabled snapshots until a more robust solution
is found (Ali Ijaz Sheikh)
* deps:
- CVE-2017-1000381 - The c-ares function ares_parse_naptr_reply(),
which is used for parsing NAPTR responses, could be triggered to
read memory outside of the given input buffer if the passed in DNS
response packet was crafted in a particular way. This patch checks
that there is enough data for the required elements of an NAPTR
record (2 int16, 3 bytes for string lengths) before processing a
record. (David Drysdale)
PR-URL: https://github.com/nodejs/node-private/pull/89
PR-URL: https://github.com/nodejs/node/pull/12645
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
This commit removes a TODO regarding the removal of uv errno. errno
is currently used and cannot be removed so removing the comment to
avoid any confusion.
PR-URL: https://github.com/nodejs/node/pull/12536
Ref: https://github.com/nodejs/node/issues/4641
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: James M Snell <jasnell@gmail.com>
The destroy_ids_idle_handle_ needs to be closed on
environment destruction. Not closing the handle leaves
a dangling pointer in the used uv loop. This leads to
undefined behavior when the uv loop is used after the
environment has been destroyed.
PR-URL: https://github.com/nodejs/node/pull/10385
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>
Passphrase is now used whether keys are provided singly, in an array of
string/buffer, or an array of object, where it used to be ignored in
some argument combinations. Specifically, these now work as expected:
key: [encryptedPem],
passphrase: 'passphrase'
and
key: [{pem: encryptedPem}]
passphrase: 'passphrase'
and
key: [{pem: unencryptedPem}]
PR-URL: https://github.com/nodejs/node/pull/10294
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
NodeJS can already use an external, shared OpenSSL library. This
library knows where to look for OS managed certificates. Allow
a compile-time option to use this CA store by default instead of
using bundled certificates.
In case when using bundled OpenSSL, the paths are also valid for
majority of Linux systems without additional intervention. If
this is not set, we can use SSL_CERT_DIR to point it to correct
location.
Fixes: https://github.com/nodejs/node/issues/3159
PR-URL: https://github.com/nodejs/node/pull/8334
Backport-PR-URL: https://github.com/nodejs/node/pull/11794
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
The pointer to std::vector is unnecessary, so replace it with standard
instance. Also, make the for() loop more readable by using actual type
instead of inferred - there is no readability benefit here from
obfuscating the type.
PR-URL: https://github.com/nodejs/node/pull/8334
Backport-PR-URL: https://github.com/nodejs/node/pull/11794
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
A side-effect of https://github.com/nodejs/node-private/pull/82
was to remove support for OPENSSL_CONF, as well as removing the default
read of a configuration file on startup.
Partly revert this, allowing OPENSSL_CONF to be used to specify a
configuration file to read on startup, but do not read a file by
default.
If the --openssl-config command line option is provided, its value is
used, not the OPENSSL_CONF environment variable.
Fix: https://github.com/nodejs/node/issues/10938
PR-URL: https://github.com/nodejs/node/pull/11006
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Allow it to be used anywhere in src/ that env variables with security
implications are accessed.
PR-URL: #11006
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Mutations of the environment can invalidate pointers to environment
variables, so make `secure_getenv()` copy them out instead of returning
pointers.
PR-URL: https://github.com/nodejs/node/pull/11051
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
When the double dash "--" appears after "-e <script>" on the
command line, it indicates the end of options and the beginning
of positional parameters for the script.
PR-URL: #10651
Backport-PR-URL: https://github.com/nodejs/node/pull/11013
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: Roman Reiss <me@silverwind.io>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Forced conversion of the encoding parameter to a string within
crypto.js, fixing segmentation faults in node_crypto.cc.
Fixes: https://github.com/nodejs/node/issues/9819
PR-URL: https://github.com/nodejs/node/pull/12164
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: James M Snell <jasnell@gmail.com>
This change was suggested by bnoordhuis in the following comment:
https://github.com/nodejs/node/pull/9163#discussion_r84264628
Not including any tests as this is covered by test/addons/at-exit.
PR-URL: https://github.com/nodejs/node/pull/12255
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
This brings the node::MakeCallback and node::AsyncWrap::MakeCallback
implementations into alignment in that they return early if the
nextTickQueue is empty after processing the MicrotaskQueue.
Include test to make sure early return happens. Test has text explaining
the conditions for the test to pass, since it relies on internal
mechanisms that aren't guaranteed in the future.
PR-URL: https://github.com/nodejs/node/pull/10274
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
This reverts commit 587857e301. It was found to have subtle
behavior changes in deleting objects.
PR-URL: https://github.com/nodejs/node/pull/12721
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Franziska Hinkelmann <franziska.hinkelmann@gmail.com>
https://github.com/nodejs/node/pull/11863 adds _O_RDWR to node.cc
which is defined in fcntl.h. This adds this include directly to
node.cc.
PR-URL: https://github.com/nodejs/node/pull/12540
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Myles Borins <myles.borins@gmail.com>
This partually reverts commit 4cdb0e89d8.
A nullptr check in TSLWrap::IsAlive() and the added test were left.
PR-URL: https://github.com/nodejs/node/pull/11947
Reviewed-By: Franziska Hinkelmann <franziska.hinkelmann@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
The TLSWrap constructor is passed a StreamBase* which it stores as
TLSWrap::stream_, and is used to receive/send data along the pipeline
(e.g. tls -> tcp). Problem is the lifetime of the instance that stream_
points to is independent of the lifetime of the TLSWrap instance. So
it's possible for stream_ to be delete'd while the TLSWrap instance is
still alive, allowing potential access to a then invalid pointer.
Fix by having the StreamBase destructor null out TLSWrap::stream_;
allowing all TLSWrap methods that rely on stream_ to do a check to see
if it's available.
While the test provided is fixed by this commit, it was also previously
fixed by 478fabf. Regardless, leave the test in for better testing.
PR-URL: https://github.com/nodejs/node/pull/11947
Reviewed-By: Franziska Hinkelmann <franziska.hinkelmann@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
TLSWrap object keeps a pointer reference to the underlying
TCPWrap object. This TCPWrap object could be closed and deleted
by the event-loop which leaves us with a dangling pointer.
So the TLSWrap object needs to track the "close" event on the
TCPWrap object.
PR-URL: https://github.com/nodejs/node/pull/11776
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Brian White <mscdex@mscdex.net>
I identified a number of files where it said "the the" in the comments
of the source code and in general documentation texts. I replaced
these occurences with a single instance of "the".
PR-URL: https://github.com/nodejs/node/pull/11711
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Franziska Hinkelmann <franziska.hinkelmann@gmail.com>
Issue 4641 contains a FIXME regarding the InitCrypto function. After
discussing this with bnoordhuis it seems to be an outdated comment.
Refs: https://github.com/nodejs/node/issues/4641
PR-URL: https://github.com/nodejs/node/pull/11669
Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
In order to check if NPN feature is enabled, use
`#ifndef OPENSSL_NO_NEXTPROTONEG` rather than
`#ifdef OPENSSL_NPN_NEGOTIATED` because the former is used in ssl.h.
Fixes: https://github.com/nodejs/node/issues/11650
PR-URL: https://github.com/nodejs/node/pull/11655
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Fedor Indutny <fedor@indutny.com>
This is a special LTS to fix a number of regressions that were found
on the 6.10.x release line.
This includes:
* a fix for memory leak in the crypto module that
was introduced in 6.10.1
* a fix for a regression introduced to the windows repl in 6.10.0
* a backported fix for V8 to stop a segfault that could occur
when using spread syntax
It also includes an upgrade to zlib 1.2.11 to fix a numberof low
severity CVEs that were present in zlib 1.2.8.
http://seclists.org/oss-sec/2016/q4/602
Notable changes
* crypto:
- fix memory leak if certificate is revoked (Tom Atkinson)
https://github.com/nodejs/node/pull/12089
* deps:
- upgrade zlib to 1.2.11 (Sam Roberts)
https://github.com/nodejs/node/pull/10980
- backport V8 fixes for spread syntax regression causing segfaults
(Michaël Zasso) https://github.com/nodejs/node/pull/12037
* repl:
- Revert commit that broke REPL display on Windows (Myles Borins)
https://github.com/nodejs/node/pull/12123
PR-URL: https://github.com/nodejs/node/pull/11522
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/11516
Reviewed-By: Jackson Tian <shyvo1987@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Creating an object in JS and using a typed array to transfer values
from C++ to JS is faster than creating an object and setting
properties in C++.
The included benchmark shows ~34% increase in performance with this
change.
PR-URL: https://github.com/nodejs/node/pull/11497
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Fixes coverity scan issue 55489.
PR-URL: https://github.com/nodejs/node/pull/10891
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: Brian White <mscdex@mscdex.net>
Anna Henningsen
Daniel Bevenius
Ben Noordhuis
Ryan Kelly
Alexey Orlenko
Myles Borins
cjihrig
René Schünemann
Sam Roberts
Adam Majer
John Barboza
Tobias Nießen
Trevor Norris
Bartosz Sosnowski
Nikolai Vavilov
Timothy Gu
Jeroen Mandersloot
Shigeki Ohtsu
Tom Atkinson
Myles Borins
Brian White
Travis Meisenheimer