-
Notifications
You must be signed in to change notification settings - Fork 143
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Secure Session: add checks to pubkey callback
It turned out that public key callback did not have enough checks and could crash Node process if the user returns unexpected value from it. Add type checks for result: an array is okay, null and undefined are explicit "not found" values, anything else is also considered "not found" but with a different error code (the exact value does not matter at the moment). Also add a length check to avoid buffer overflow when doing memcpy().
- Loading branch information
Showing
2 changed files
with
50 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters