fix: improve error checking

Author: rustyconover

src/crypto_extension.cpp

@@ -125,23 +125,6 @@ namespace duckdb
                 throw InvalidInputException("Unsupported child type in list for crypto_hash");
             }
         }
-
-        // Helper to lookup algorithm - returns nullptr for blake3, throws on invalid algorithm
-        const EVP_MD *LookupAlgorithm(const std::string &hash_name_str)
-        {
-            if (hash_name_str == "blake3")
-            {
-                return nullptr;
-            }
-
-            auto it = GetDigestMap().find(hash_name_str);
-            if (it != GetDigestMap().end())
-            {
-                return it->second();
-            }
-
-            throw InvalidInputException("Invalid hash algorithm '" + hash_name_str + "'");
-        }
     }
 
     inline void CryptoScalarHashFun(DataChunk &args, ExpressionState &state, Vector &result)
@@ -325,25 +308,13 @@ namespace duckdb
 
             int64_t length = lengths[length_idx];
 
-            // Validate length before allocation (CryptoRandomBytes will validate too, but we need to prevent allocation issues)
-            if (length <= 0)
-            {
-                throw InvalidInputException("Random bytes length must be greater than 0");
-            }
-
-            // DuckDB BLOB maximum size is 4GB (2^32 - 1 bytes)
-            constexpr int64_t MAX_BLOB_SIZE = 4294967295LL; // 4GB - 1
-            if (length > MAX_BLOB_SIZE)
-            {
-                throw InvalidInputException(
-                    "Random bytes length must be less than or equal to " +
-                    std::to_string(MAX_BLOB_SIZE) + " bytes (4GB)");
-            }
+            // Validate length before allocation to prevent allocation issues
+            ValidateRandomBytesLength(length);
 
             // Allocate buffer for random bytes
             auto buffer = std::unique_ptr<unsigned char[]>(new unsigned char[length]);
 
-            // Generate random bytes (will also validate length)
+            // Generate random bytes
             CryptoRandomBytes(length, buffer.get());
 
             // Add result as BLOB
@@ -505,7 +476,14 @@ namespace duckdb
                 else
                 {
                     target.ctx = EVP_MD_CTX_new();
-                    EVP_MD_CTX_copy_ex(target.ctx, source.ctx);
+                    if (target.ctx == nullptr)
+                    {
+                        throw InternalException("Failed to create hash context");
+                    }
+                    if (EVP_MD_CTX_copy_ex(target.ctx, source.ctx) != 1)
+                    {
+                        throw InternalException("Failed to copy hash context");
+                    }
                 }
                 target.is_touched = true;
             }

src/crypto_hash.cpp

@@ -45,32 +45,50 @@ namespace duckdb
             }
             return result;
         }
+    }
+
+    const EVP_MD *LookupAlgorithm(const std::string &algorithm)
+    {
+        std::string algo_lower = StringUtil::Lower(algorithm);
 
-        const EVP_MD *getDigestByName(const std::string &algorithm)
+        if (algo_lower == "blake3")
         {
-            std::string algo_lower = StringUtil::Lower(algorithm);
+            return nullptr;
+        }
 
-            if (algo_lower == "blake3")
-            {
-                return nullptr;
-            }
+        auto it = GetDigestMap().find(algo_lower);
+        if (it != GetDigestMap().end())
+        {
+            return it->second();
+        }
 
-            auto it = GetDigestMap().find(algo_lower);
-            if (it != GetDigestMap().end())
-            {
-                return it->second();
-            }
+        throw InvalidInputException(
+            "Invalid hash algorithm '" + algorithm + "'. " +
+            "Available algorithms are: " + getAvailableAlgorithms());
+    }
 
-            return nullptr;
+    void ValidateRandomBytesLength(int64_t length)
+    {
+        if (length <= 0)
+        {
+            throw InvalidInputException("Random bytes length must be greater than 0");
+        }
+
+        if (length > CRYPTO_MAX_RANDOM_BYTES)
+        {
+            throw InvalidInputException(
+                "Random bytes length must be less than or equal to " +
+                std::to_string(CRYPTO_MAX_RANDOM_BYTES) + " bytes (4GB)");
         }
     }
 
     void CryptoHash(const std::string &algorithm, const char *data, size_t data_len, unsigned char *result, unsigned int &result_len)
     {
-        std::string algo_lower = StringUtil::Lower(algorithm);
+        // LookupAlgorithm returns nullptr for blake3, throws on invalid algorithm
+        const EVP_MD *md = LookupAlgorithm(algorithm);
 
         // Handle Blake3 separately since it doesn't use OpenSSL
-        if (algo_lower == "blake3")
+        if (md == nullptr)
         {
             blake3_hasher hasher;
             blake3_hasher_init(&hasher);
@@ -80,15 +98,6 @@ namespace duckdb
             return;
         }
 
-        const EVP_MD *md = getDigestByName(algo_lower);
-
-        if (md == nullptr)
-        {
-            throw InvalidInputException(
-                "Invalid hash algorithm '" + algorithm + "'. " +
-                "Available algorithms are: " + getAvailableAlgorithms());
-        }
-
         EVP_MD_CTX *ctx = EVP_MD_CTX_new();
         if (ctx == nullptr)
         {
@@ -113,10 +122,11 @@ namespace duckdb
 
     void CryptoHmac(const std::string &algorithm, const std::string &key, const std::string &data, unsigned char *result, unsigned int &result_len)
     {
-        std::string algo_lower = StringUtil::Lower(algorithm);
+        // LookupAlgorithm returns nullptr for blake3, throws on invalid algorithm
+        const EVP_MD *md = LookupAlgorithm(algorithm);
 
         // Handle Blake3 HMAC separately
-        if (algo_lower == "blake3")
+        if (md == nullptr)
         {
             // Blake3 keyed mode requires exactly 32 bytes for the key
             if (key.size() != BLAKE3_KEY_LEN)
@@ -132,15 +142,6 @@ namespace duckdb
             return;
         }
 
-        const EVP_MD *md = getDigestByName(algo_lower);
-
-        if (md == nullptr)
-        {
-            throw InvalidInputException(
-                "Invalid hash algorithm '" + algorithm + "'. " +
-                "Available algorithms are: " + getAvailableAlgorithms());
-        }
-
         unsigned char *hmac_result = HMAC(
             md,
             key.data(), key.size(),
@@ -155,20 +156,7 @@ namespace duckdb
 
     void CryptoRandomBytes(int64_t length, unsigned char *result)
     {
-        // Validate input length
-        if (length <= 0)
-        {
-            throw InvalidInputException("Random bytes length must be greater than 0");
-        }
-
-        // DuckDB BLOB maximum size is 4GB (2^32 - 1 bytes)
-        constexpr int64_t MAX_BLOB_SIZE = 4294967295LL; // 4GB - 1
-        if (length > MAX_BLOB_SIZE)
-        {
-            throw InvalidInputException(
-                "Random bytes length must be less than or equal to " +
-                std::to_string(MAX_BLOB_SIZE) + " bytes (4GB)");
-        }
+        ValidateRandomBytesLength(length);
 
         // Generate random bytes using OpenSSL's RAND_bytes
         // RAND_bytes is cryptographically secure and automatically seeds itself

src/include/crypto_hash.hpp

@@ -10,9 +10,18 @@ typedef struct evp_md_st EVP_MD;
 
 namespace duckdb {
 
+// Maximum size for random bytes (DuckDB BLOB max is 4GB - 1)
+constexpr int64_t CRYPTO_MAX_RANDOM_BYTES = 4294967295LL;
+
 // Get the shared digest map for algorithm name lookups
 const std::unordered_map<std::string, std::function<const EVP_MD *()>>& GetDigestMap();
 
+// Lookup algorithm by name - returns nullptr for blake3, throws on invalid algorithm
+const EVP_MD* LookupAlgorithm(const std::string& algorithm);
+
+// Validate random bytes length - throws InvalidInputException if invalid
+void ValidateRandomBytesLength(int64_t length);
+
 // Compute a cryptographic hash of the input data
 void CryptoHash(const std::string& algorithm, const std::string& data, unsigned char* result, unsigned int& result_len);