[krbdev.mit.edu #2871] Bug in lib/crypto/prng.c
Christian Pfaffel via RT
rt-comment at krbdev.mit.edu
Tue Jan 11 16:02:16 EST 2005
Hi!
The following patch fixes a hang caused by an infinite loop in
read_entropy_from_device(), if the device exists, but read returns -1.
This happens for sintance on OpenBSD. Since the return value of read
is assigned to count and thus cast to size_t, the check (count <= 0)
does not fail for (count == -1).
I therefor suggest the following patch for 1.3.6. It also applies to
krb5-current with an offset.
Best regards,
Christian
diff -r -u krb5-1.3.6/src/lib/crypto/prng.c krb5-1.3.6.new/src/lib/crypto/prng.c
--- krb5-1.3.6/src/lib/crypto/prng.c 2003-03-06 21:08:24.000000000 +0100
+++ krb5-1.3.6.new/src/lib/crypto/prng.c 2005-01-11 21:13:53.000000000 +0100
@@ -164,9 +164,9 @@
return 0;
}
for (left = sizeof (buf); left > 0;) {
- size_t count;
+ ssize_t count;
count = read (fd, &buf, (unsigned) left);
- if (count <= 0) {
+ if ((count == -1) || (count <= 0)) {
close(fd);
return 0;
}
More information about the krb5-bugs
mailing list