src: more automatic memory management in node_crypto.cc by addaleax · Pull Request #20238 · nodejs/node

addaleax · 2018-04-23T22:55:02Z

Prefer custom smart pointers fitted to the OpenSSL data structures
over more manual memory management and lots of gotos.

Checklist

make -j4 test (UNIX), or vcbuild test (Windows) passes
commit message follows commit guidelines

addaleax · 2018-04-23T22:55:35Z

CI: https://ci.nodejs.org/job/node-test-pull-request/14462/

tniessen

Thanks Anna, this looks great! I will have a closer look soon.

tniessen · 2018-04-23T23:03:53Z

src/node_crypto.cc

I might be missing something here, but doesn't this negate the check?

@tniessen Yes, good catch. I don’t think we have tests for this at the moment. :/

addaleax · 2018-04-23T23:34:43Z

CI²: https://ci.nodejs.org/job/node-test-commit/17975/

bnoordhuis

Left some comments, didn't review fully. I like the overall direction.

bnoordhuis · 2018-04-24T08:25:47Z

src/node_crypto.cc

Coincidence: I was working yesterday on simplifying this to something that uses std::vector<char>.

(Working on adding scrypt support and DRYing the PBKDF2 and RandomBytes code in the process.)

bnoordhuis · 2018-04-24T08:31:43Z

src/node_crypto.h

Style: space before <.

bnoordhuis · 2018-04-24T08:33:33Z

src/node_crypto.h

Can you name this Ptr, Pointer, UniquePointer or whatever to make it clearer it's a type?

bnoordhuis · 2018-04-24T08:37:57Z

src/node_crypto.cc

I suppose this works because of boolean coercion but it might be clearer to write it as !!store_ctx or store_ctx == true or store_ctx.get() != nullptr.

addaleax · 2018-04-24T08:57:02Z

Fixed tests (not sure why I didn’t see the failures before) and addressed @bnoordhuis’ first round of review nits.

CI: https://ci.nodejs.org/job/node-test-pull-request/14469/

tniessen · 2018-04-24T21:34:30Z

src/node_crypto.h

Is there a reason not to reuse EVPMDPointer?

@tniessen thanks for catching, updated!

addaleax · 2018-04-27T19:04:28Z

CI: https://ci.nodejs.org/job/node-test-commit/18082/

Would anybody in particular like me to wait with landing until they have time to review? I know it’s a large commit, and not urgent, so I really don’t want to push this to land early.

joyeecheung

Rubber stamp LGTM

joyeecheung

Wrong button..

bnoordhuis

Needs a rebase (I'm guessing it conflicts with the EVP_CTRL_AEAD_SET_IVLEN change) but LGTM modulo comments. This PR makes the crypto code a lot nicer!

bnoordhuis · 2018-05-01T13:29:16Z

src/node_crypto.cc

s/ENGINE_free_fn/ENGINE_free/ in the function body.

bnoordhuis · 2018-05-01T13:42:09Z

src/node_crypto.cc

Just a suggestion since this isn't a functional change but it's correcter to use assignment here, like this:

std::vector<char> sbuf; if (char* p = Buffer::Data(args[0])) sbuf.assign(p, p + slen);

The reason is that Buffer::Data() can return nullptr when slen == 0 and passing a nullptr to memcpy() is technically UB, even when the pointer isn't dereferenced.

bnoordhuis · 2018-05-01T13:46:56Z

src/node_crypto.cc

Fits on one line now. (Likewise on lines 3289 and 3378, I think.)

bnoordhuis · 2018-05-01T14:03:17Z

src/node_crypto.cc

Maybe use automatic memory management for this as well (and rename dataSize to data_size while you're here)? Just a suggestion.

Good idea – I’ve switched this to MallocedBuffer, too (that takes care of dataSize anyway)

bnoordhuis · 2018-05-01T14:04:06Z

src/node_crypto.cc

!pub, also on line 4366.

bnoordhuis · 2018-05-01T14:09:03Z

src/node_crypto.cc

4 space indent.

bnoordhuis · 2018-05-01T14:12:45Z

src/util.h

Style: new(this)

Don't know if it matters here but use of placement new sometimes inhibits compiler optimizations.

Don't know if it matters here but use of placement new sometimes inhibits compiler optimizations.

I don’t think we actually use it at this point, so this is just here for completeness

bnoordhuis · 2018-05-01T14:14:50Z

src/util.h

Is this class necessary? A std::unique_ptr with a custom deleter would be sufficient too, wouldn't it?

@bnoordhuis Yes, the difference being that this also tracks the length of the buffer by itself. If you feel strongly about it I can switch to splitting up into two variables again

No strong feelings.

addaleax · 2018-05-01T17:28:26Z

CI: https://ci.nodejs.org/job/node-test-commit/18166/

tniessen · 2018-05-02T11:57:51Z

Rerunning Windows: https://ci.nodejs.org/job/node-test-commit-windows-fanned/17684/

addaleax · 2018-05-03T23:04:33Z

Rebased

CI before landing: https://ci.nodejs.org/job/node-test-commit/18218/

addaleax · 2018-05-04T21:36:21Z

Another day, another merge conflict, another rebase. :)

CI: https://ci.nodejs.org/job/node-test-commit/18232/
Edit: AIX re-run: https://ci.nodejs.org/job/node-test-commit-aix/14729/
Edit²: Fixed compiler warnings, CI: https://ci.nodejs.org/job/node-test-commit/18234/

Prefer custom smart pointers fitted to the OpenSSL data structures over more manual memory management and lots of `goto`s. PR-URL: nodejs#20238 Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com> Reviewed-By: Tiancheng "Timothy" Gu <timothygu99@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: James M Snell <jasnell@gmail.com>

Prefer custom smart pointers fitted to the OpenSSL data structures over more manual memory management and lots of `goto`s. Backport-PR-URL: #20609 PR-URL: #20238 Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com> Reviewed-By: Tiancheng "Timothy" Gu <timothygu99@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: James M Snell <jasnell@gmail.com>

Prefer custom smart pointers fitted to the OpenSSL data structures over more manual memory management and lots of `goto`s. PR-URL: nodejs#20238 Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com> Reviewed-By: Tiancheng "Timothy" Gu <timothygu99@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: James M Snell <jasnell@gmail.com>

Prefer custom smart pointers fitted to the OpenSSL data structures over more manual memory management and lots of `goto`s. Backport-PR-URL: #20706 PR-URL: #20238 Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com> Reviewed-By: Tiancheng "Timothy" Gu <timothygu99@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: James M Snell <jasnell@gmail.com>

addaleax requested review from danbev and tniessen April 23, 2018 22:55

nodejs-github-bot added c++ Issues and PRs that require attention from people who are familiar with C++. lib / src Issues and PRs related to general changes in the lib or src directory. labels Apr 23, 2018

addaleax added crypto Issues and PRs related to the crypto subsystem. and removed lib / src Issues and PRs related to general changes in the lib or src directory. labels Apr 23, 2018

tniessen reviewed Apr 23, 2018

View reviewed changes

danbev approved these changes Apr 24, 2018

View reviewed changes

danbev mentioned this pull request Apr 24, 2018

src: use snake_case_ for private member dh #20245

Closed

2 tasks

bnoordhuis reviewed Apr 24, 2018

View reviewed changes

tniessen reviewed Apr 24, 2018

View reviewed changes

addaleax force-pushed the smart-crypto branch from e4c444a to 58c8bf8 Compare April 27, 2018 19:01

tniessen approved these changes Apr 27, 2018

View reviewed changes

joyeecheung reviewed Apr 28, 2018

View reviewed changes

joyeecheung approved these changes Apr 28, 2018

View reviewed changes

TimothyGu approved these changes Apr 28, 2018

View reviewed changes

bnoordhuis approved these changes May 1, 2018

View reviewed changes

addaleax force-pushed the smart-crypto branch from 58c8bf8 to 72f88a9 Compare May 1, 2018 17:27

addaleax force-pushed the smart-crypto branch from 72f88a9 to e811312 Compare May 3, 2018 23:00

addaleax added the author ready PRs that have at least one approval, no pending requests for changes, and a CI started. label May 3, 2018

jasnell approved these changes May 3, 2018

View reviewed changes

addaleax force-pushed the smart-crypto branch from e811312 to 0d633dc Compare May 4, 2018 20:28

addaleax added the baking-for-lts PRs that need to wait before landing in a LTS release. label May 8, 2018

addaleax mentioned this pull request May 8, 2018

[v10.x] src: more automatic memory management in node_crypto.cc #20609

Closed

2 tasks

addaleax added backported-to-v10.x and removed backport-requested-v10.x labels May 8, 2018

MylesBorins mentioned this pull request May 8, 2018

v10.1.0 proposal #20606

Merged

targos added backport-requested-v10.x and removed backported-to-v10.x labels May 12, 2018

targos mentioned this pull request May 12, 2018

Need help to backport crypto changes to v10.x-staging #20691

Closed

tniessen mentioned this pull request May 13, 2018

(v10.x backport) Backport 12 crypto commits #20706

Closed

addaleax mentioned this pull request May 14, 2018

v10.2.0 proposal #20724

Merged

targos added backported-to-v10.x and removed backport-requested-v10.x labels May 14, 2018

tniessen mentioned this pull request May 15, 2018

tls: Add PSK support (v9.0.0-pre) #14978

Closed

4 tasks

targos removed the baking-for-lts PRs that need to wait before landing in a LTS release. label Sep 16, 2022

Uh oh!

Conversation

addaleax commented Apr 23, 2018

Checklist

Uh oh!

addaleax commented Apr 23, 2018

Uh oh!

tniessen left a comment

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

addaleax commented Apr 23, 2018 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

bnoordhuis left a comment

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

addaleax commented Apr 24, 2018

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

addaleax commented Apr 27, 2018

Uh oh!

joyeecheung left a comment

Choose a reason for hiding this comment

Uh oh!

joyeecheung left a comment

Choose a reason for hiding this comment

Uh oh!

bnoordhuis left a comment

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

addaleax commented May 1, 2018

Uh oh!

tniessen commented May 2, 2018

Uh oh!

addaleax commented May 3, 2018

Uh oh!

addaleax commented May 4, 2018 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Reviewers

Assignees

addaleax commented Apr 23, 2018 •

edited

Loading

addaleax commented May 4, 2018 •

edited

Loading