From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=-3.1 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED, MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED,RCVD_IN_MSPIKE_H3, RCVD_IN_MSPIKE_WL,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.4 Received: (qmail 31696 invoked from network); 9 Apr 2022 11:16:46 -0000 Received: from mother.openwall.net (195.42.179.200) by inbox.vuxu.org with ESMTPUTF8; 9 Apr 2022 11:16:46 -0000 Received: (qmail 12063 invoked by uid 550); 9 Apr 2022 11:16:42 -0000 Mailing-List: contact musl-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-ID: Reply-To: musl@lists.openwall.com Received: (qmail 17643 invoked from network); 9 Apr 2022 00:11:11 -0000 Authentication-Results: smtp.kernel.org; dkim=pass (1024-bit key) header.d=zx2c4.com header.i=@zx2c4.com header.b="MePK708I" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=zx2c4.com; s=20210105; t=1649463057; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=+1VSw2H/doLWoFwglooygIkM+lllgmARzdC6mcyT3js=; b=MePK708IEdvTQjPrShR6027b61vO7viTlH2po+f2FeV/NtCj/3Q2DV9oYnJbYfyQTUfCjk 8melhD0PkXxJLI5+rRc7y3Jos40NrT7XL9FvhM8BcjhV2FxqjgYyA3gOg1FJUfdMF+U1Zr odjLhXeQ9oV6zsvSytX7Mb03EPbi5J4= From: "Jason A. Donenfeld" To: musl@lists.openwall.com Cc: "Jason A. Donenfeld" Date: Sat, 9 Apr 2022 02:10:47 +0200 Message-Id: <20220409001047.234283-1-Jason@zx2c4.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Subject: [musl] [PATCH] getentropy: fail if buffer not completely filled The man page for getentropy says that it either completely succeeds or completely fails, and indeed this is what glibc does. However, musl has a condition where it breaks out of the loop early, yet still returns a success. This patch fixes that by returning a success only if the buffer is completely filled. While we're at it, prevent an unexpected infinite loop if the function returns 0, the same way glibc does, just in case. --- src/misc/getentropy.c | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/src/misc/getentropy.c b/src/misc/getentropy.c index 651ea95f..5b2fc7a1 100644 --- a/src/misc/getentropy.c +++ b/src/misc/getentropy.c @@ -6,7 +6,7 @@ int getentropy(void *buffer, size_t len) { - int cs, ret = 0; + int cs, ret; char *pos = buffer; if (len > 256) { @@ -18,16 +18,19 @@ int getentropy(void *buffer, size_t len) while (len) { ret = getrandom(pos, len, 0); - if (ret < 0) { + if (ret <= 0) { if (errno == EINTR) continue; else break; } pos += ret; len -= ret; - ret = 0; } pthread_setcancelstate(cs, 0); - return ret; + if (len) { + errno = EIO; + return -1; + } + return 0; } -- 2.35.1