-
Notifications
You must be signed in to change notification settings - Fork 30.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
crypto.pbkdf2 with an keylen too long crashes in a segfalt #5396
Labels
crypto
Issues and PRs related to the crypto subsystem.
Comments
Fix is coming in a bit. |
cc @nodejs/crypto |
indutny
added a commit
to indutny/io.js
that referenced
this issue
Feb 23, 2016
Change types of all PBKDF2 params to `int` as they are `int` in `evp.h`. Check that `raw_keylen` fits into `int` before passing it to OpenSSL. Fix: nodejs#5396
thanks! |
4 tasks
Should be fixed by #5397 |
Cheers for following this up @calvinmetcalf / @indutny. |
Fishrock123
pushed a commit
that referenced
this issue
Mar 2, 2016
Change types of all PBKDF2 params to `int` as they are `int` in `evp.h`. Check that `raw_keylen` fits into `int` before passing it to OpenSSL. Fix: #5396 PR-URL: #5397 Reviewed-By: Shigeki Ohtsu <[email protected]> Reviewed-By: Ben Noorhduis <[email protected]> Conflicts: test/parallel/test-crypto-pbkdf2.js
MylesBorins
pushed a commit
that referenced
this issue
Mar 17, 2016
Change types of all PBKDF2 params to `int` as they are `int` in `evp.h`. Check that `raw_keylen` fits into `int` before passing it to OpenSSL. Fix: #5396 PR-URL: #5397 Reviewed-By: Shigeki Ohtsu <[email protected]> Reviewed-By: Ben Noorhduis <[email protected]>
MylesBorins
pushed a commit
that referenced
this issue
Mar 21, 2016
Change types of all PBKDF2 params to `int` as they are `int` in `evp.h`. Check that `raw_keylen` fits into `int` before passing it to OpenSSL. Fix: #5396 PR-URL: #5397 Reviewed-By: Shigeki Ohtsu <[email protected]> Reviewed-By: Ben Noorhduis <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
in node 4.1.2 and latter calling
crypto.pbkdf2('password','salt', 1, 4073741824, function(err, resp){console.log(err, resp)});
causes node to crash with the message
Segmentation fault: 11
node 4.1.1 and earlier throw a
TypeError: Bad key length
browserify/pbkdf2#22
I suspect this commit 4c8d96b is to blame
The text was updated successfully, but these errors were encountered: