add more checks for keylen

fanatid · fanatid · commit f64f48dcf5c0 · 2016-02-24T16:56:09.000+03:00
diff --git a/browser.js b/browser.js
@@ -21,7 +21,7 @@ function pbkdf2 (password, salt, iterations, keylen, digest, callback) {
   })
 }
 
-function checkParameters(iterations, keylen) {
+function checkParameters (iterations, keylen) {
   if (typeof iterations !== 'number') {
     throw new TypeError('Iterations not a number')
   }
@@ -34,7 +34,7 @@ function checkParameters(iterations, keylen) {
     throw new TypeError('Key length not a number')
   }
 
-  if (keylen < 0 || keylen > MAX_ALLOC) {
+  if (keylen < 0 || keylen > MAX_ALLOC || isNaN(keylen)) {
     throw new TypeError('Bad key length')
   }
 }
diff --git a/index.js b/index.js
@@ -18,7 +18,7 @@ function asyncPBKDF2 (password, salt, iterations, keylen, digest, callback) {
     throw new TypeError('Key length not a number')
   }
 
-  if (keylen < 0 || keylen > MAX_ALLOC) {
+  if (keylen < 0 || keylen > MAX_ALLOC || isNaN(keylen)) {
     throw new TypeError('Bad key length')
   }
 
diff --git a/test/fixtures.json b/test/fixtures.json
@@ -159,13 +159,6 @@
       "iterations": 1,
       "dkLen": -1,
       "exception": "Bad key length"
-    },
-    {
-      "key": "password",
-      "salt": "salt",
-      "iterations": 1,
-      "dkLen": 4073741824,
-      "exception": "Bad key length"
     }
   ]
 }
diff --git a/test/index.js b/test/index.js
@@ -3,6 +3,20 @@ var compatNode = require('../')
 var compatBrowser = require('../browser')
 var fixtures = require('./fixtures')
 
+fixtures.invalid.push({
+  "key": "password",
+  "salt": "salt",
+  "iterations": 1,
+  "dkLen": NaN,
+  "exception": "Bad key length"
+}, {
+  "key": "password",
+  "salt": "salt",
+  "iterations": 1,
+  "dkLen": Infinity,
+  "exception": "Bad key length"
+})
+
 // SHA-1 vectors generated by Node.js
 // SHA-256/SHA-512 test vectors from:
 // https://stackoverflow.com/questions/5130513/pbkdf2-hmac-sha2-test-vectors

Original file line number	Diff line number	Diff line change
`@@ -21,7 +21,7 @@ function pbkdf2 (password, salt, iterations, keylen, digest, callback) {`
`21`	`21`	`})`
`22`	`22`	`}`
`23`	`23`
`24`		`-function checkParameters(iterations, keylen) {`
	`24`	`+function checkParameters (iterations, keylen) {`
`25`	`25`	`if (typeof iterations !== 'number') {`
`26`	`26`	`throw new TypeError('Iterations not a number')`
`27`	`27`	`}`
`@@ -34,7 +34,7 @@ function checkParameters(iterations, keylen) {`
`34`	`34`	`throw new TypeError('Key length not a number')`
`35`	`35`	`}`
`36`	`36`
`37`		`- if (keylen < 0 \|\| keylen > MAX_ALLOC) {`
	`37`	`+ if (keylen < 0 \|\| keylen > MAX_ALLOC \|\| isNaN(keylen)) {`
`38`	`38`	`throw new TypeError('Bad key length')`
`39`	`39`	`}`
`40`	`40`	`}`
Original file line number	Diff line number	Diff line change
`@@ -18,7 +18,7 @@ function asyncPBKDF2 (password, salt, iterations, keylen, digest, callback) {`
`18`	`18`	`throw new TypeError('Key length not a number')`
`19`	`19`	`}`
`20`	`20`
`21`		`- if (keylen < 0 \|\| keylen > MAX_ALLOC) {`
	`21`	`+ if (keylen < 0 \|\| keylen > MAX_ALLOC \|\| isNaN(keylen)) {`
`22`	`22`	`throw new TypeError('Bad key length')`
`23`	`23`	`}`
`24`	`24`
Original file line number	Diff line number	Diff line change
`@@ -159,13 +159,6 @@`
`159`	`159`	`"iterations": 1,`
`160`	`160`	`"dkLen": -1,`
`161`	`161`	`"exception": "Bad key length"`
`162`		`- },`
`163`		`- {`
`164`		`- "key": "password",`
`165`		`- "salt": "salt",`
`166`		`- "iterations": 1,`
`167`		`- "dkLen": 4073741824,`
`168`		`- "exception": "Bad key length"`
`169`	`162`	`}`
`170`	`163`	`]`
`171`	`164`	`}`