[njs] Fixed crypto update() method after digest() is called.

Dmitry Volyntsev xeioex at nginx.com
Thu Apr 5 16:43:35 UTC 2018 

details:   http://hg.nginx.org/njs/rev/4f3424b390bd
branches:  
changeset: 495:4f3424b390bd
user:      Dmitry Volyntsev <xeioex at nginx.com>
date:      Thu Apr 05 19:06:35 2018 +0300
description:
Fixed crypto update() method after digest() is called.

diffstat:

 njs/njs_crypto.c         |  12 ++++++++++++
 njs/test/njs_unit_test.c |  12 ++++++++++++
 2 files changed, 24 insertions(+), 0 deletions(-)

diffs (58 lines):

diff -r 9d5914cc9100 -r 4f3424b390bd njs/njs_crypto.c
--- a/njs/njs_crypto.c	Thu Apr 05 14:50:45 2018 +0300
+++ b/njs/njs_crypto.c	Thu Apr 05 19:06:35 2018 +0300
@@ -243,6 +243,12 @@ njs_hash_prototype_update(njs_vm_t *vm, 
     njs_string_get(&args[1], &data);
 
     dgst = njs_value_data(&hash->value);
+
+    if (nxt_slow_path(dgst->alg == NULL)) {
+        njs_error(vm, "Digest already called", NULL);
+        return NJS_ERROR;
+    }
+
     dgst->alg->update(&dgst->u, data.start, data.length);
 
     vm->retval = args[0];
@@ -504,6 +510,12 @@ njs_hmac_prototype_update(njs_vm_t *vm, 
     njs_string_get(&args[1], &data);
 
     ctx = njs_value_data(&hmac->value);
+
+    if (nxt_slow_path(ctx->alg == NULL)) {
+        njs_error(vm, "Digest already called", NULL);
+        return NJS_ERROR;
+    }
+
     ctx->alg->update(&ctx->u, data.start, data.length);
 
     vm->retval = args[0];
diff -r 9d5914cc9100 -r 4f3424b390bd njs/test/njs_unit_test.c
--- a/njs/test/njs_unit_test.c	Thu Apr 05 14:50:45 2018 +0300
+++ b/njs/test/njs_unit_test.c	Thu Apr 05 19:06:35 2018 +0300
@@ -9142,6 +9142,10 @@ static njs_unit_test_t  njs_test[] =
                  "h.update('A').digest('hex'); h.digest('hex')"),
       nxt_string("Error: Digest already called") },
 
+    { nxt_string("var h = require('crypto').createHash('sha1');"
+                 "h.update('A').digest('hex'); h.update('B')"),
+      nxt_string("Error: Digest already called") },
+
     /* require('crypto').createHash() */
 
     { nxt_string("require('crypto').createHmac('sha1', '')"),
@@ -9239,6 +9243,14 @@ static njs_unit_test_t  njs_test[] =
     { nxt_string("var h = require('crypto').createHmac('sha1', [])"),
       nxt_string("TypeError: key must be a string") },
 
+    { nxt_string("var h = require('crypto').createHmac('sha1', 'secret key');"
+                 "h.update('A').digest('hex'); h.digest('hex')"),
+      nxt_string("Error: Digest already called") },
+
+    { nxt_string("var h = require('crypto').createHmac('sha1', 'secret key');"
+                 "h.update('A').digest('hex'); h.update('B')"),
+      nxt_string("Error: Digest already called") },
+
     /* setTimeout(). */
 
     { nxt_string("setTimeout()"),

More information about the nginx-devel mailing list