diff --git a/src/node_crypto.cc b/src/node_crypto.cc index 30e9eb49b64ab1..d1699b23a7c66b 100644 --- a/src/node_crypto.cc +++ b/src/node_crypto.cc @@ -2669,7 +2669,7 @@ static bool IsSupportedAuthenticatedMode(const EVP_CIPHER_CTX* ctx) { template static T* MallocOpenSSL(size_t count) { void* mem = OPENSSL_malloc(MultiplyWithOverflowCheck(count, sizeof(T))); - CHECK_NOT_NULL(mem); + CHECK_IMPLIES(mem == nullptr, count == 0); return static_cast(mem); } @@ -2827,7 +2827,8 @@ static EVPKeyPointer ParsePrivateKey(const PrivateKeyEncodingConfig& config, if (config.format_ == kKeyFormatPEM) { BIOPointer bio(BIO_new_mem_buf(key, key_len)); - CHECK(bio); + if (!bio) + return pkey; char* pass = const_cast(config.passphrase_.get()); pkey.reset(PEM_read_bio_PrivateKey(bio.get(), @@ -2842,7 +2843,8 @@ static EVPKeyPointer ParsePrivateKey(const PrivateKeyEncodingConfig& config, pkey.reset(d2i_PrivateKey(EVP_PKEY_RSA, nullptr, &p, key_len)); } else if (config.type_.ToChecked() == kKeyEncodingPKCS8) { BIOPointer bio(BIO_new_mem_buf(key, key_len)); - CHECK(bio); + if (!bio) + return pkey; char* pass = const_cast(config.passphrase_.get()); pkey.reset(d2i_PKCS8PrivateKey_bio(bio.get(), nullptr, diff --git a/test/parallel/test-crypto-key-objects.js b/test/parallel/test-crypto-key-objects.js index dddbd5f2703d93..8a28ac996084a5 100644 --- a/test/parallel/test-crypto-key-objects.js +++ b/test/parallel/test-crypto-key-objects.js @@ -105,3 +105,10 @@ const privatePem = fixtures.readSync('test_rsa_privkey.pem', 'ascii'); } } } + +{ + // This should not cause a crash: https://github.com/nodejs/node/issues/25247 + assert.throws(() => { + createPrivateKey({ key: '' }); + }, /null/); +}