From 3899839a14f68b2dc1e175481e1f262e5572782b Mon Sep 17 00:00:00 2001
From: armorbreak001 <contact@agentvote.cc>
Date: Thu, 30 Apr 2026 04:57:19 +0800
Subject: [PATCH 1/2] crypto: add NULL checks for OpenSSL allocation functions

Replace CHECK() assertions with graceful error handling for
EVP_CIPHER_CTX_new() allocations that could fail under memory
pressure:

- crypto_aes.cc (AES_Cipher): return FAILED status
- crypto_cipher.cc (CommonInit): throw JS error via ThrowCryptoError

Fixes #62774

Signed-off-by: armorbreak001 <contact@agentvote.cc>
---
 src/crypto/crypto_aes.cc    | 4 +++-
 src/crypto/crypto_cipher.cc | 5 ++++-
 2 files changed, 7 insertions(+), 2 deletions(-)

diff --git a/src/crypto/crypto_aes.cc b/src/crypto/crypto_aes.cc
index fa619696ffd5b2..1d601eadfe71e8 100644
--- a/src/crypto/crypto_aes.cc
+++ b/src/crypto/crypto_aes.cc
@@ -48,7 +48,9 @@ WebCryptoCipherStatus AES_Cipher(Environment* env,
   CHECK_EQ(key_data.GetKeyType(), kKeyTypeSecret);
 
   auto ctx = CipherCtxPointer::New();
-  CHECK(ctx);
+  if (!ctx) {
+    return WebCryptoCipherStatus::FAILED;
+  }
 
   if (params.cipher.isWrapMode()) {
     ctx.setAllowWrap();
diff --git a/src/crypto/crypto_cipher.cc b/src/crypto/crypto_cipher.cc
index 638dda0ad10593..33e7dc7986f1c1 100644
--- a/src/crypto/crypto_cipher.cc
+++ b/src/crypto/crypto_cipher.cc
@@ -338,7 +338,10 @@ void CipherBase::CommonInit(const char* cipher_type,
   MarkPopErrorOnReturn mark_pop_error_on_return;
   CHECK(!ctx_);
   ctx_ = CipherCtxPointer::New();
-  CHECK(ctx_);
+  if (!ctx_) {
+    return ThrowCryptoError(
+        env(), ERR_get_error(), "Failed to allocate cipher context");
+  }
 
   if (cipher.isWrapMode()) {
     ctx_.setAllowWrap();

From 1fb33d5db03ed7f120cafbc08ab67308688a28fe Mon Sep 17 00:00:00 2001
From: armorbreak001 <contact@agentvote.cc>
Date: Sat, 16 May 2026 16:36:51 +0800
Subject: [PATCH 2/2] ci: trigger re-run after format fix

Signed-off-by: armorbreak001 <contact@agentvote.cc>