tls: validate ticket keys buffer

Fixes: https://github.com/nodejs/node/issues/38305 PR-URL: https://github.com/nodejs/node/pull/38308 Reviewed-By: Darshan Sen <raisinten@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
2024-11-21 10:59:27 +00:00 · 2021-04-20 11:59:02 +02:00 · 2021-04-20 11:59:02 +02:00 · e151e909fd
commit e151e909fd
parent 37b811a27a
3 changed files with 29 additions and 1 deletions
--- a/doc/api/tls.md
+++ b/doc/api/tls.md
@ -730,7 +730,8 @@ existing server. Existing connections to the server are not interrupted.
 added: v3.0.0
 -->

-* `keys` {Buffer} A 48-byte buffer containing the session ticket keys.
+* `keys` {Buffer|TypedArray|DataView} A 48-byte buffer containing the session
+  ticket keys.

 Sets the session ticket keys.

--- a/lib/_tls_wrap.js
+++ b/lib/_tls_wrap.js
@ -1396,6 +1396,9 @@ Server.prototype.getTicketKeys = function getTicketKeys() {


 Server.prototype.setTicketKeys = function setTicketKeys(keys) {
+  validateBuffer(keys);
+  assert(keys.byteLength === 48,
+         'Session ticket keys must be a 48-byte buffer');
  this._sharedCreds.context.setTicketKeys(keys);
 };

--- a/test/parallel/test-tls-ticket-invalid-arg.js
+++ b/test/parallel/test-tls-ticket-invalid-arg.js
@ -0,0 +1,24 @@
+'use strict';
+const common = require('../common');
+if (!common.hasCrypto) {
+  common.skip('missing crypto');
+}
+
+const assert = require('assert');
+const tls = require('tls');
+
+const server = new tls.Server();
+
+[null, undefined, 0, 1, 1n, Symbol(), {}, [], true, false, '', () => {}]
+  .forEach((arg) =>
+    assert.throws(
+      () => server.setTicketKeys(arg),
+      { code: 'ERR_INVALID_ARG_TYPE' }
+    ));
+
+[new Uint8Array(1), Buffer.from([1]), new DataView(new ArrayBuffer(2))].forEach(
+  (arg) =>
+    assert.throws(() => {
+      server.setTicketKeys(arg);
+    }, /Session ticket keys must be a 48-byte buffer/)
+);