From 4cf4c1f58599368254ef4c89daeb9872106e821e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tobias=20Nie=C3=9Fen?= Date: Mon, 22 Aug 2022 15:58:52 +0200 Subject: [PATCH] src: make minor improvements to SecureBuffer Remove an unnecessary static_cast(). Use OPENSSL_secure_zalloc() instead of OPENSSL_secure_malloc() + memset(). Update the comment describing the function which predates support for OpenSSL's secure heap. PR-URL: https://github.com/nodejs/node/pull/44302 Reviewed-By: Filip Skokan Reviewed-By: Anna Henningsen --- src/crypto/crypto_util.cc | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/src/crypto/crypto_util.cc b/src/crypto/crypto_util.cc index 5cbf553e46e3c0..324dd11e301942 100644 --- a/src/crypto/crypto_util.cc +++ b/src/crypto/crypto_util.cc @@ -673,22 +673,21 @@ CryptoJobMode GetCryptoJobMode(v8::Local args) { } namespace { -// SecureBuffer uses openssl to allocate a Uint8Array using -// OPENSSL_secure_malloc. Because we do not yet actually -// make use of secure heap, this has the same semantics as +// SecureBuffer uses OPENSSL_secure_malloc to allocate a Uint8Array. +// Without --secure-heap, OpenSSL's secure heap is disabled, +// in which case this has the same semantics as // using OPENSSL_malloc. However, if the secure heap is // initialized, SecureBuffer will automatically use it. void SecureBuffer(const FunctionCallbackInfo& args) { CHECK(args[0]->IsUint32()); Environment* env = Environment::GetCurrent(args); uint32_t len = args[0].As()->Value(); - char* data = static_cast(OPENSSL_secure_malloc(len)); + void* data = OPENSSL_secure_zalloc(len); if (data == nullptr) { // There's no memory available for the allocation. // Return nothing. return; } - memset(data, 0, len); std::shared_ptr store = ArrayBuffer::NewBackingStore( data,