fix: reject negative salt rounds in hash()#1221
Open
abhu85 wants to merge 1 commit intokelektiv:masterfrom
Open
fix: reject negative salt rounds in hash()#1221abhu85 wants to merge 1 commit intokelektiv:masterfrom
abhu85 wants to merge 1 commit intokelektiv:masterfrom
Conversation
Previously, passing a negative value for salt rounds (e.g., `bcrypt.hash('password', -5, cb)`)
would cause the library to hang indefinitely. This occurred because:
1. Negative values passed JavaScript's validation (checking only for type)
2. In the native C++ code, the negative value was cast to u_int8_t, causing
integer underflow (e.g., -5 becomes 251)
3. This resulted in `1 << 251` rounds, an astronomically large iteration count
This fix adds early validation in the JavaScript layer to reject negative
rounds with a clear error message "rounds must be a positive number", matching
the existing pattern for type validation.
Also fixes a related issue where genSalt errors were not properly propagated
through the hash() callback when salt rounds were invalid.
Fixes kelektiv#1218
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
genSalttohash()callbackProblem
Passing a negative value for salt rounds (e.g.,
bcrypt.hash('password', -5, cb)) causes the library to hang indefinitely. This happens because:u_int8_t, causing integer underflow (e.g.,-5becomes251)1 << 251rounds, an astronomically large iteration count that causes the hangSolution
Add early validation in the JavaScript layer to reject negative rounds with a clear error message "rounds must be a positive number", matching the existing pattern for type validation.
Also fixes a related issue where
genSalterrors were not properly propagated through thehash()callback when salt rounds were invalid.Test plan
salt_rounds_is_negativetest for sync APIsalt_rounds_is_negativetest for async APIsalt_rounds_is_negativetest for promise APIhash_rounds_is_negativetest for sync/async/promise APIsFixes #1218