Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

crypto: add missing null check #40598

Closed
wants to merge 1 commit into from
Closed

crypto: add missing null check #40598

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
2 changes: 2 additions & 0 deletions src/crypto/crypto_context.cc
View file
Open in desktop
Expand Up @@ -1037,6 +1037,8 @@ void SecureContext::LoadPKCS12(const FunctionCallbackInfo<Value>& args) {
// TODO(@jasnell): Should this use ThrowCryptoError?
unsigned long err = ERR_get_error(); // NOLINT(runtime/int)
const char* str = ERR_reason_error_string(err);
str = str != nullptr ? str : "Unknown error";
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ERR_reason_error_string should only return nullptr if ERR_get_error returned 0, indicating no error.

If there is a guarantee that ERR_get_error will not return 0, this should probably be a CHECK_NOT_NULL(str) instead. (But I don't know if that's the case.)

Copy link
Member Author

@mhdawson mhdawson Oct 26, 2021
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@tniessen I did wonder about that, but I checked other places that ERR_reason_error_string was called in the Node.js code base and in those places (I think there were 2 others) the code did a nullptr check.


return env->ThrowError(str);
}
}
Expand Down