- Version: master
- Platform: all
- Subsystem: crypto
Passing getters for the scrypt parameters N, r, p (or their aliases) can cause the process to crash with an assertion error if the getters don't return the same value at all times:
> crypto.scryptSync('', '', 1, { count: 0, get N() { if (++this.count > 2) return undefined; return 1; } })
node[15812]: c:\ws\src\node_crypto.cc:6070: Assertion `args[3]->IsUint32()' failed.
I'm not labeling this security since it is virtually impossible to exploit remotely.
Passing getters for the scrypt parameters
N,r,p(or their aliases) can cause the process to crash with an assertion error if the getters don't return the same value at all times:I'm not labeling this
securitysince it is virtually impossible to exploit remotely.