random: check for increase of entropy_count because of signed conversion (79a84687) · Commits · Mirrors / git.yoctoproject.org / linux-yocto · GitLab

Commit 79a84687 authored Jul 18, 2014 by

Hannes Frederic Sowa Committed by Theodore Ts'o Jul 19, 2014

random: check for increase of entropy_count because of signed conversion



The expression entropy_count -= ibytes << (ENTROPY_SHIFT + 3) could
actually increase entropy_count if during assignment of the unsigned
expression on the RHS (mind the -=) we reduce the value modulo
2^width(int) and assign it to entropy_count. Trinity found this.

[ Commit modified by tytso to add an additional safety check for a
  negative entropy_count -- which should never happen, and to also add
  an additional paranoia check to prevent overly large count values to
  be passed into urandom_read().  ]

Reported-by: Dave Jones <davej@redhat.com>
Signed-off-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Cc: stable@vger.kernel.org

parent 1795cd9b

Hide whitespace changes

Inline Side-by-side

mirror @mirror
mentioned in commit 63c1aae4
· Jun 02, 2022

mentioned in commit 63c1aae4

mentioned in commit 63c1aae40ac16ed136188bb9c9b595c0147fe6fa

Toggle commit list
mirror @mirror
mentioned in commit eda55535
· Jun 02, 2022

mentioned in commit eda55535

mentioned in commit eda555356b39cab00e9c15aa3258786c568cfb3a

Toggle commit list

Please register or to comment