From 48c01485cde60d8565056195bf0aa76573d5a558 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tobias=20Nie=C3=9Fen?= <tniessen@tnie.de>
Date: Sun, 9 Apr 2023 11:22:51 +0200
Subject: [PATCH] crypto: replace THROW with CHECK for scrypt keylen

The JS layer already uses validateInt32(keylen, 'keylen', 0) to ensure
that the keylen argument fits into a signed 32-bit integer, thus, the
THROW statement in C++ is unreachable (unless the binding is accessed
directly, of course).

PR-URL: https://github.com/nodejs/node/pull/47407
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
---
 src/crypto/crypto_scrypt.cc         | 5 +----
 test/parallel/test-crypto-scrypt.js | 8 ++++++++
 2 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/src/crypto/crypto_scrypt.cc b/src/crypto/crypto_scrypt.cc
index 88d355446c0984..4dae07f13604d4 100644
--- a/src/crypto/crypto_scrypt.cc
+++ b/src/crypto/crypto_scrypt.cc
@@ -109,10 +109,7 @@ Maybe<bool> ScryptTraits::AdditionalConfig(
   }
 
   params->length = args[offset + 6].As<Int32>()->Value();
-  if (params->length < 0) {
-    THROW_ERR_OUT_OF_RANGE(env, "length must be <= %d", INT_MAX);
-    return Nothing<bool>();
-  }
+  CHECK_GE(params->length, 0);
 
   return Just(true);
 }
diff --git a/test/parallel/test-crypto-scrypt.js b/test/parallel/test-crypto-scrypt.js
index 63656e056f195a..73bf0217b1fb67 100644
--- a/test/parallel/test-crypto-scrypt.js
+++ b/test/parallel/test-crypto-scrypt.js
@@ -143,10 +143,18 @@ const badargs = [
     args: ['', '', -42],
     expected: { code: 'ERR_OUT_OF_RANGE', message: /"keylen"/ },
   },
+  {
+    args: ['', '', 2 ** 31],
+    expected: { code: 'ERR_OUT_OF_RANGE', message: /"keylen"/ },
+  },
   {
     args: ['', '', 2147485780],
     expected: { code: 'ERR_OUT_OF_RANGE', message: /"keylen"/ },
   },
+  {
+    args: ['', '', 2 ** 32],
+    expected: { code: 'ERR_OUT_OF_RANGE', message: /"keylen"/ },
+  },
 ];
 
 for (const options of good) {