Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

src: use automatic memory mgmt in SecretKeyGen #44479

Merged
merged 1 commit into from Sep 5, 2022
Merged

src: use automatic memory mgmt in SecretKeyGen #44479

merged 1 commit into from Sep 5, 2022

Conversation

tniessen
Copy link
Member

@tniessen tniessen commented Sep 1, 2022

Avoid manual memory management (i.e., calling MallocOpenSSL). This leaves less room for memory leaks and other bugs.

The import bit here is using ByteSource::Builder (see #43202).

@tniessen
src: use automatic memory mgmt in SecretKeyGen
8d19d39 
Avoid manual memory management (i.e., calling MallocOpenSSL). This
leaves less room for memory leaks and other bugs.
@tniessen tniessen added the c++ Issues and PRs that require attention from people who are familiar with C++. label Sep 1, 2022
@nodejs-github-bot
Copy link
Collaborator

Review requested:

  • @nodejs/crypto

@nodejs-github-bot nodejs-github-bot added crypto Issues and PRs related to the crypto subsystem. needs-ci PRs that need a full CI run. labels Sep 1, 2022
@tniessen tniessen added review wanted PRs that need reviews. request-ci Add this label to start a Jenkins CI on a PR. labels Sep 4, 2022
@github-actions github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label Sep 4, 2022
@nodejs-github-bot

This comment was marked as outdated.

Sign in to view
@nodejs-github-bot
Copy link
Collaborator

CI: https://ci.nodejs.org/job/node-test-pull-request/46414/

@github-actions github-actions bot mentioned this pull request Sep 5, 2022
Open
17 tasks
@tniessen
Copy link
Member Author

tniessen commented Sep 5, 2022

cc @nodejs/cpp-reviewers

@tniessen tniessen added the author ready PRs that have at least one approval, no pending requests for changes, and a CI started. label Sep 5, 2022
@tniessen tniessen added the commit-queue Add this label to land a pull request using GitHub Actions. label Sep 5, 2022
@nodejs-github-bot nodejs-github-bot removed the commit-queue Add this label to land a pull request using GitHub Actions. label Sep 5, 2022
@nodejs-github-bot nodejs-github-bot merged commit 1f54fc2 into nodejs:main Sep 5, 2022
@nodejs-github-bot
Copy link
Collaborator

Landed in 1f54fc2

This was referenced Sep 6, 2022
Open
Open
Open
Open
Open
Open
Fyko pushed a commit to Fyko/node that referenced this pull request Sep 15, 2022
@tniessen @Fyko
src: use automatic memory mgmt in SecretKeyGen
fe483ff 
Avoid manual memory management (i.e., calling MallocOpenSSL). This
leaves less room for memory leaks and other bugs.

PR-URL: nodejs#44479
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
@RafaelGSS
Copy link
Member

It didn't land cleanly on v18.x. This PR conflicts with a security change in the same method (

node/src/crypto/crypto_keygen.cc

Line 83 in 0c2a572

params->out = MallocOpenSSL<char>(params->length);
).

@RafaelGSS RafaelGSS added the backport-requested-v18.x PRs awaiting manual backport to the v18.x-staging branch. label Sep 26, 2022
@RafaelGSS RafaelGSS mentioned this pull request Oct 14, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bnoordhuis bnoordhuis bnoordhuis approved these changes

@addaleax addaleax addaleax approved these changes

Assignees
No one assigned
Labels
author ready PRs that have at least one approval, no pending requests for changes, and a CI started. backport-requested-v18.x PRs awaiting manual backport to the v18.x-staging branch. c++ Issues and PRs that require attention from people who are familiar with C++. crypto Issues and PRs related to the crypto subsystem. needs-ci PRs that need a full CI run. review wanted PRs that need reviews.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
6 participants
@tniessen @nodejs-github-bot @RafaelGSS @bnoordhuis @addaleax @targos