fix: validate salt rounds to prevent hang on negative values#1222
Open
abhu85 wants to merge 1 commit intokelektiv:masterfrom
Open
fix: validate salt rounds to prevent hang on negative values#1222abhu85 wants to merge 1 commit intokelektiv:masterfrom
abhu85 wants to merge 1 commit intokelektiv:masterfrom
Conversation
Negative salt rounds (e.g., -1) caused bcrypt.hash() to hang indefinitely because the C++ layer clamped negative values to 31 (the maximum), resulting in 2^31 iterations that would take hundreds of years to complete. This commit adds input validation to reject negative rounds early with a clear error message. Also fixes a pre-existing bug where genSalt errors in hash() were not properly propagated to the callback. Fixes kelektiv#1218 Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Problem
Calling
bcrypt.hash('password', -1, callback)caused the process to hang indefinitely (issue #1218).Root cause: Negative rounds values were passed to the C++ layer, which clamped them to 31 (the maximum valid value). This resulted in 2^31 = 2,147,483,648 iterations - effectively infinite computation time.
Solution
Validate that rounds must be non-negative in both
genSalt()andgenSaltSync(). The error is thrown/returned consistently across all APIs:Error('rounds must be a positive integer')Also fixed a pre-existing bug where errors from
genSalt()insidehash()were not propagated to the callback - the callback was called withundefinedsalt, causing a TypeError.Test Plan
salt_rounds_is_negativetest in sync.test.jshash_rounds_is_negativetest in sync.test.jssalt_rounds_is_negativetest in async.test.jshash_rounds_is_negativetest in async.test.jssalt_rounds_is_negativetest in promise.test.jshash_rounds_is_negativetest in promise.test.jsFixes #1218