Skip to content

src: use automatic memory mgmt in SecretKeyGen #44479

New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom
Merged
merged 1 commit into from
Sep 5, 2022
Merged

src: use automatic memory mgmt in SecretKeyGen #44479

merged 1 commit into from
Sep 5, 2022

Conversation

tniessen
Copy link
Member

@tniessen tniessen commented Sep 1, 2022

Avoid manual memory management (i.e., calling MallocOpenSSL). This leaves less room for memory leaks and other bugs.

The import bit here is using ByteSource::Builder (see #43202).

@tniessen
src: use automatic memory mgmt in SecretKeyGen
8d19d39 
Avoid manual memory management (i.e., calling MallocOpenSSL). This
leaves less room for memory leaks and other bugs.
@tniessen tniessen added the c++ Issues and PRs that require attention from people who are familiar with C++. label Sep 1, 2022
@nodejs-github-bot
Copy link
Collaborator

Review requested:

  • @nodejs/crypto

@nodejs-github-bot nodejs-github-bot added crypto Issues and PRs related to the crypto subsystem. needs-ci PRs that need a full CI run. labels Sep 1, 2022
@tniessen tniessen added review wanted PRs that need reviews. request-ci Add this label to start a Jenkins CI on a PR. labels Sep 4, 2022
@github-actions github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label Sep 4, 2022
@nodejs-github-bot

This comment was marked as outdated.

# to view
@nodejs-github-bot
Copy link
Collaborator

CI: https://ci.nodejs.org/job/node-test-pull-request/46414/

@github-actions github-actions bot mentioned this pull request Sep 5, 2022
Open
17 tasks
@tniessen
Copy link
Member Author

tniessen commented Sep 5, 2022

cc @nodejs/cpp-reviewers

@tniessen tniessen added the author ready PRs that have at least one approval, no pending requests for changes, and a CI started. label Sep 5, 2022
@tniessen tniessen added the commit-queue Add this label to land a pull request using GitHub Actions. label Sep 5, 2022
@nodejs-github-bot nodejs-github-bot removed the commit-queue Add this label to land a pull request using GitHub Actions. label Sep 5, 2022
@nodejs-github-bot nodejs-github-bot merged commit 1f54fc2 into nodejs:main Sep 5, 2022
@nodejs-github-bot
Copy link
Collaborator

Landed in 1f54fc2

This was referenced Sep 6, 2022
Open
Open
Open
Open
Open
Open
Fyko pushed a commit to Fyko/node that referenced this pull request Sep 15, 2022
@tniessen @Fyko
src: use automatic memory mgmt in SecretKeyGen
fe483ff 
Avoid manual memory management (i.e., calling MallocOpenSSL). This
leaves less room for memory leaks and other bugs.

PR-URL: nodejs#44479
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
@RafaelGSS
Copy link
Member

It didn't land cleanly on v18.x. This PR conflicts with a security change in the same method (

node/src/crypto/crypto_keygen.cc

Line 83 in 0c2a572

params->out = MallocOpenSSL<char>(params->length);
).

@RafaelGSS RafaelGSS mentioned this pull request Oct 14, 2022
Merged
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers

@bnoordhuis bnoordhuis bnoordhuis approved these changes

@addaleax addaleax addaleax approved these changes

Assignees
No one assigned
Labels
author ready PRs that have at least one approval, no pending requests for changes, and a CI started. c++ Issues and PRs that require attention from people who are familiar with C++. crypto Issues and PRs related to the crypto subsystem. needs-ci PRs that need a full CI run. review wanted PRs that need reviews.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@tniessen @nodejs-github-bot @RafaelGSS @bnoordhuis @addaleax @targos