
crypto: fix missing nullptr check on RSA_new() #61888

Open
ndossche wants to merge 1 commit into nodejs:main from ndossche:clesss-5

@ndossche

Not checking this can cause a null deref. Since there is already a null check at the bottom of the function with NewRSA().

Note: this was found by a static-dynamic analyser I'm developing.

Not checking this can cause a null deref. Since there is already a
null check at the bottom of the function with `NewRSA()`.
@nodejs-github-bot
Collaborator

Review requested:

  • @nodejs/crypto

@nodejs-github-bot added the c++, crypto and needs-ci labels on Feb 19, 2026
@codecov

codecov bot commented Feb 19, 2026

Codecov Report

❌ Patch coverage is 0% with 1 line in your changes missing coverage. Please review.
✅ Project coverage is 89.74%. Comparing base (4a13a62) to head (00b4cf8).
⚠️ Report is 41 commits behind head on main.

Files with missing lines Patch % Lines
src/crypto/crypto_rsa.cc 0.00% 0 Missing and 1 partial ⚠️
Additional details and impacted files
@@            Coverage Diff             @@
##             main   #61888      +/-   ##
==========================================
- Coverage   89.76%   89.74%   -0.02%     
==========================================
  Files         675      674       -1     
  Lines      204674   204809     +135     
  Branches    39330    39361      +31     
==========================================
+ Hits       183716   183808      +92     
- Misses      13235    13272      +37     
- Partials     7723     7729       +6     
Files with missing lines Coverage Δ
src/crypto/crypto_rsa.cc 63.39% <0.00%> (-0.21%) ⬇️

... and 68 files with indirect coverage changes


KeyType type = d_value->IsString() ? kKeyTypePrivate : kKeyTypePublic;

RSAPointer rsa(RSA_new());
if (!rsa) return {};
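
Review bot: The early exit `if (!rsa) return {};` right after `RSAPointer rsa(RSA_new());` hands back an empty result without raising any error, so a failed allocation is silent to the caller. If the other `return {};` paths in this function raise an exception first, do the same here so the failure is reported consistently, and consider a test that forces this branch, since Codecov reports the added line as not covered.
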
Member

Why does this not throw an exception like the other return {}; sites?
