src: report if CSPRNG fails to seed properly

In some cases, the CSPRNG may fail to seed properly, which currently results in assertion failure and core dump. This change will turn the behavior in a better-debuggable error report.
nodejs · Jul 28, 2023 · 75efb42 · 75efb42
1 parent 8f0f17e
commit 75efb42
Showing 1 changed file with 11 additions and 1 deletion.
diff --git a/src/node.cc b/src/node.cc
@@ -1067,7 +1067,17 @@ InitializeOncePerProcessInternal(const std::vector<std::string>& args,
     }
 
     // Ensure CSPRNG is properly seeded.
-    CHECK(crypto::CSPRNG(nullptr, 0).is_ok());
+    if (!crypto::CSPRNG(nullptr, 0).is_ok()) {
+      // XXX: ERR_GET_REASON does not return something that is
+      // useful as an exit code at all.
+      result->exit_code_ =
+        static_cast<ExitCode>(ERR_GET_REASON(ERR_peek_error()));
+      result->early_return_ = true;
+      result->errors_.emplace_back(
+          "OpenSSL error when trying to seed CSPRNG:\n" +
+          GetOpenSSLErrorString());
+      return result;
+    }
 
     V8::SetEntropySource([](unsigned char* buffer, size_t length) {
       // V8 falls back to very weak entropy when this function fails