src: fix abort in pbkdf2

Fixes: #38341

PR-URL: #38354
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Filip Skokan <[email protected]>
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Colin Ihrig <[email protected]>

Author: tniessen

src/crypto/crypto_pbkdf2.cc

@@ -92,26 +92,20 @@ Maybe<bool> PBKDF2Traits::AdditionalConfig(
 
   params->iterations = args[offset + 2].As<Int32>()->Value();
   if (params->iterations < 0) {
-    char msg[1024];
-    snprintf(msg, sizeof(msg), "iterations must be <= %d", INT_MAX);
-    THROW_ERR_OUT_OF_RANGE(env, msg);
+    THROW_ERR_OUT_OF_RANGE(env, "iterations must be <= %d", INT_MAX);
     return Nothing<bool>();
   }
 
   params->length = args[offset + 3].As<Int32>()->Value();
   if (params->length < 0) {
-    char msg[1024];
-    snprintf(msg, sizeof(msg), "length must be <= %d", INT_MAX);
-    THROW_ERR_OUT_OF_RANGE(env, msg);
+    THROW_ERR_OUT_OF_RANGE(env, "length must be <= %d", INT_MAX);
     return Nothing<bool>();
   }
 
   Utf8Value name(args.GetIsolate(), args[offset + 4]);
   params->digest = EVP_get_digestbyname(*name);
   if (params->digest == nullptr) {
-    char errmsg[1024];
-    snprintf(errmsg, sizeof(errmsg), "Invalid digest: %s", *name);
-    THROW_ERR_CRYPTO_INVALID_DIGEST(env, errmsg);
+    THROW_ERR_CRYPTO_INVALID_DIGEST(env, "Invalid digest: %s", *name);
     return Nothing<bool>();
   }
 

test/parallel/test-crypto-pbkdf2.js

@@ -231,3 +231,15 @@ if (!common.hasOpenSSL3) {
       runPBKDF2(new Uint8Array(10), 'salt', 8, 8, hash);
     });
 }
+
+{
+  // This should not crash.
+  assert.throws(
+    () => crypto.pbkdf2Sync('1', '2', 1, 1, '%'),
+    {
+      code: 'ERR_CRYPTO_INVALID_DIGEST',
+      name: 'TypeError',
+      message: 'Invalid digest: %'
+    }
+  );
+}