fix: reject zero-valued options.add in generatePrime

bartlomieju · claude · bartlomieju · commit cca2a21fd278 · 2026-03-11T22:10:11.000+01:00
A zero-length or all-zero add buffer would pass validation and reach
the Rust generator where modulus operations assume non-zero add,
causing a division-by-zero panic. Throw ERR_OUT_OF_RANGE early.

Co-Authored-By: Claude Opus 4.6 &lt;noreply@anthropic.com&gt;
diff --git a/ext/node/polyfills/internal/crypto/random.ts b/ext/node/polyfills/internal/crypto/random.ts
@@ -310,8 +310,13 @@ function validateRandomPrimeJob(
   const remBuf = rem ? toUint8Array(rem) : undefined;
 
   if (addBuf) {
-    // Node.js/OpenSSL: bit count of add must not exceed requested size
+    // add must be non-zero; a zero modulus would cause division by zero in the
+    // Rust generator.
     const addBitCount = bitCount(addBuf);
+    if (addBitCount === 0) {
+      throw new NodeRangeError("ERR_OUT_OF_RANGE", "invalid options.add");
+    }
+    // Node.js/OpenSSL: bit count of add must not exceed requested size
     if (addBitCount > size) {
       throw new NodeRangeError("ERR_OUT_OF_RANGE", "invalid options.add");
     }
