src: replace unreachable code with static_assert #46209

tniessen · 2023-01-14T18:24:57Z

This function base64-decodes a given JavaScript string to obtain the secret key, whose length must not exceed INT_MAX. However, because JavaScript strings are limited to v8::String::kMaxLength chars and because base64 decoding never yields more bytes than input chars, the size of the decoded key must be strictly less than v8::String::kMaxLength bytes. Therefore, it is sufficient to statically assert that String::kMaxLength <= INT_MAX (which is always true because String::kMaxLength itself is an int).

Aside from being unreachable, Coverity considers the current code "suspicious" because it indicates that buffers larger than INT_MAX might actually be allocated.

This function base64-decodes a given JavaScript string to obtain the secret key, whose length must not exceed INT_MAX. However, because JavaScript strings are limited to v8::String::kMaxLength chars and because base64 decoding never yields more bytes than input chars, the size of the decoded key must be strictly less than v8::String::kMaxLength bytes. Therefore, it is sufficient to statically assert that String::kMaxLength <= INT_MAX (which is always true because String::kMaxLength itself is an int). Aside from being unreachable, Coverity considers the current code "suspicious" because it indicates that buffers larger than INT_MAX might actually be allocated.

nodejs-github-bot · 2023-01-14T18:25:01Z

Review requested:

@nodejs/crypto

nodejs-github-bot · 2023-01-17T08:58:27Z

CI: https://ci.nodejs.org/job/node-test-pull-request/49004/

nodejs-github-bot · 2023-01-17T10:01:28Z

Landed in 15d673d

This function base64-decodes a given JavaScript string to obtain the secret key, whose length must not exceed INT_MAX. However, because JavaScript strings are limited to v8::String::kMaxLength chars and because base64 decoding never yields more bytes than input chars, the size of the decoded key must be strictly less than v8::String::kMaxLength bytes. Therefore, it is sufficient to statically assert that String::kMaxLength <= INT_MAX (which is always true because String::kMaxLength itself is an int). Aside from being unreachable, Coverity considers the current code "suspicious" because it indicates that buffers larger than INT_MAX might actually be allocated. PR-URL: nodejs#46209 Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Yagiz Nizipli <[email protected]> Reviewed-By: Rich Trott <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Minwoo Jung <[email protected]> Reviewed-By: Darshan Sen <[email protected]> Reviewed-By: Filip Skokan <[email protected]>

This function divides an unsigned 32-bit integer by 8, effectively right-shifting it by three bits, so the result must be less than INT_MAX. Refs: nodejs#46209

This function base64-decodes a given JavaScript string to obtain the secret key, whose length must not exceed INT_MAX. However, because JavaScript strings are limited to v8::String::kMaxLength chars and because base64 decoding never yields more bytes than input chars, the size of the decoded key must be strictly less than v8::String::kMaxLength bytes. Therefore, it is sufficient to statically assert that String::kMaxLength <= INT_MAX (which is always true because String::kMaxLength itself is an int). Aside from being unreachable, Coverity considers the current code "suspicious" because it indicates that buffers larger than INT_MAX might actually be allocated. PR-URL: #46209 Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Yagiz Nizipli <[email protected]> Reviewed-By: Rich Trott <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Minwoo Jung <[email protected]> Reviewed-By: Darshan Sen <[email protected]> Reviewed-By: Filip Skokan <[email protected]>

This function divides an unsigned 32-bit integer by 8, effectively right-shifting it by three bits, so the result must be less than INT_MAX. Refs: #46209 PR-URL: #46250 Reviewed-By: Anna Henningsen <[email protected]> Reviewed-By: Ben Noordhuis <[email protected]>

This function base64-decodes a given JavaScript string to obtain the secret key, whose length must not exceed INT_MAX. However, because JavaScript strings are limited to v8::String::kMaxLength chars and because base64 decoding never yields more bytes than input chars, the size of the decoded key must be strictly less than v8::String::kMaxLength bytes. Therefore, it is sufficient to statically assert that String::kMaxLength <= INT_MAX (which is always true because String::kMaxLength itself is an int). Aside from being unreachable, Coverity considers the current code "suspicious" because it indicates that buffers larger than INT_MAX might actually be allocated. PR-URL: #46209 Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Yagiz Nizipli <[email protected]> Reviewed-By: Rich Trott <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Minwoo Jung <[email protected]> Reviewed-By: Darshan Sen <[email protected]> Reviewed-By: Filip Skokan <[email protected]>

This function divides an unsigned 32-bit integer by 8, effectively right-shifting it by three bits, so the result must be less than INT_MAX. Refs: #46209 PR-URL: #46250 Reviewed-By: Anna Henningsen <[email protected]> Reviewed-By: Ben Noordhuis <[email protected]>

tniessen added crypto Issues and PRs related to the crypto subsystem. c++ Issues and PRs that require attention from people who are familiar with C++. labels Jan 14, 2023

nodejs-github-bot added the needs-ci PRs that need a full CI run. label Jan 14, 2023

lpinca approved these changes Jan 14, 2023

View reviewed changes

anonrig approved these changes Jan 14, 2023

View reviewed changes

Trott approved these changes Jan 14, 2023

View reviewed changes

cjihrig approved these changes Jan 15, 2023

View reviewed changes

JungMinu approved these changes Jan 16, 2023

View reviewed changes

RaisinTen approved these changes Jan 16, 2023

View reviewed changes

panva added the request-ci Add this label to start a Jenkins CI on a PR. label Jan 17, 2023

github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label Jan 17, 2023

This comment was marked as outdated.

Sign in to view

panva added the commit-queue Add this label to land a pull request using GitHub Actions. label Jan 17, 2023

panva approved these changes Jan 17, 2023

View reviewed changes

nodejs-github-bot removed the commit-queue Add this label to land a pull request using GitHub Actions. label Jan 17, 2023

nodejs-github-bot merged commit 15d673d into nodejs:main Jan 17, 2023

github-actions bot mentioned this pull request Jan 18, 2023

CI Reliability 2023-01-18 nodejs/reliability#487

Open

18 tasks

tniessen mentioned this pull request Jan 18, 2023

src: replace unreachable code with static_assert #46250

Merged

This was referenced Jan 19, 2023

CI Reliability 2023-01-19 nodejs/reliability#488

Open

CI Reliability 2023-01-20 nodejs/reliability#489

Open

RafaelGSS mentioned this pull request Jan 20, 2023

v19.5.0 proposal #46286

Merged

juanarbol mentioned this pull request Jan 28, 2023

V18.14.0 proposal #46396

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

src: replace unreachable code with static_assert #46209

src: replace unreachable code with static_assert #46209

tniessen commented Jan 14, 2023

nodejs-github-bot commented Jan 14, 2023

This comment was marked as outdated.

nodejs-github-bot commented Jan 17, 2023

nodejs-github-bot commented Jan 17, 2023

src: replace unreachable code with static_assert #46209

src: replace unreachable code with static_assert #46209

Conversation

tniessen commented Jan 14, 2023

nodejs-github-bot commented Jan 14, 2023

This comment was marked as outdated.

nodejs-github-bot commented Jan 17, 2023

nodejs-github-bot commented Jan 17, 2023