[njs] QuickJS: fixed key usage processing with invalid values in WebCrypto.
noreply at nginx.com
noreply at nginx.com
Wed Feb 19 00:31:02 UTC 2025
details: https://github.com/nginx/njs/commit/b065b41142cdf059cc5ace9e3c2495c624b8aee1
branches: master
commit: b065b41142cdf059cc5ace9e3c2495c624b8aee1
user: Dmitry Volyntsev <xeioex at nginx.com>
date: Wed, 12 Feb 2025 18:12:38 -0800
description:
QuickJS: fixed key usage processing with invalid values in WebCrypto.
---
external/qjs_webcrypto_module.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/external/qjs_webcrypto_module.c b/external/qjs_webcrypto_module.c
index cc654c0a..6e820887 100644
--- a/external/qjs_webcrypto_module.c
+++ b/external/qjs_webcrypto_module.c
@@ -4637,10 +4637,17 @@ qjs_key_usage(JSContext *cx, JSValue value, unsigned *mask)
for (e = &qjs_webcrypto_usage[0]; e->name.length != 0; e++) {
if (njs_strstr_eq(&s, &e->name)) {
*mask |= e->value;
- break;
+ goto done;
}
}
+ JS_ThrowTypeError(cx, "unknown key usage: \"%.*s\"", (int) s.length,
+ s.start);
+ JS_FreeCString(cx, (char *) s.start);
+ return JS_EXCEPTION;
+
+done:
+
JS_FreeCString(cx, (char *) s.start);
}
More information about the nginx-devel
mailing list