From e6756c3e666e33aa9ee650b7a348a41d29cb3160 Mon Sep 17 00:00:00 2001
From: Luca Casonato <hello@lcas.dev>
Date: Fri, 21 Jun 2024 12:25:07 +0200
Subject: fix(ext/node): don't panic on invalid utf-8 in pem (#24303)

---
 ext/node/ops/crypto/mod.rs | 18 ++++++++++++++----
 1 file changed, 14 insertions(+), 4 deletions(-)

(limited to 'ext')

diff --git a/ext/node/ops/crypto/mod.rs b/ext/node/ops/crypto/mod.rs
index 53a3ea3f0..666ce8409 100644
--- a/ext/node/ops/crypto/mod.rs
+++ b/ext/node/ops/crypto/mod.rs
@@ -1493,8 +1493,13 @@ fn parse_private_key(
 ) -> Result<pkcs8::SecretDocument, AnyError> {
   match format {
     "pem" => {
-      let (_, doc) =
-        pkcs8::SecretDocument::from_pem(std::str::from_utf8(key).unwrap())?;
+      let pem = std::str::from_utf8(key).map_err(|err| {
+        type_error(format!(
+          "Invalid PEM private key: not valid utf8 starting at byte {}",
+          err.valid_up_to()
+        ))
+      })?;
+      let (_, doc) = pkcs8::SecretDocument::from_pem(pem)?;
       Ok(doc)
     }
     "der" => {
@@ -1600,8 +1605,13 @@ fn parse_public_key(
 ) -> Result<pkcs8::Document, AnyError> {
   match format {
     "pem" => {
-      let (label, doc) =
-        pkcs8::Document::from_pem(std::str::from_utf8(key).unwrap())?;
+      let pem = std::str::from_utf8(key).map_err(|err| {
+        type_error(format!(
+          "Invalid PEM private key: not valid utf8 starting at byte {}",
+          err.valid_up_to()
+        ))
+      })?;
+      let (label, doc) = pkcs8::Document::from_pem(pem)?;
       if label != "PUBLIC KEY" {
         return Err(type_error("Invalid PEM label"));
       }
-- 
cgit v1.2.3