From: Ezra Peisach <epeisach@mit.edu>
Date: Mon, 20 Aug 2007 14:50:41 +0000 (+0000)
Subject: read_entropy_from_device on partial read will not fill buffer
X-Git-Tag: krb5-1.7-alpha1~952
X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=6fd1d4a89ac144dd4706dc98e4be0a5ff4823411;p=krb5.git

read_entropy_from_device on partial read will not fill buffer

read_entropy_from_device() will loop in read until the desired number
of bytes are read from the device (/dev/random, /dev/urandom).  I have
observed that for /dev/random, if there is not enough bits available
for reading - it will return a partial read.  The code would loop in
this case, but never advance the location to place the new bytes -
hence the start of the buffer would be filled again - leaving the tail
end as stack garbage.

ticket: new
tags: pullup

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@19845 dc483132-0cff-0310-8789-dd5450dbe970
---

diff --git a/src/lib/crypto/prng.c b/src/lib/crypto/prng.c
index 95d5868b7..e1e34a2c3 100644
--- a/src/lib/crypto/prng.c
+++ b/src/lib/crypto/prng.c
@@ -161,7 +161,7 @@ read_entropy_from_device (krb5_context context, const char *device)
   krb5_data data;
   struct stat sb;
   int fd;
-  unsigned char buf[YARROW_SLOW_THRESH/8];
+  unsigned char buf[YARROW_SLOW_THRESH/8], *bp;
   int left;
   fd = open (device, O_RDONLY);
   if (fd == -1)
@@ -172,14 +172,16 @@ read_entropy_from_device (krb5_context context, const char *device)
     close(fd);
     return 0;
   }
-  for (left = sizeof (buf); left > 0;) {
+
+  for (bp = &buf, left = sizeof (buf); left > 0;) {
     ssize_t count;
-    count = read (fd, &buf, (unsigned) left);
+    count = read (fd, bp, (unsigned) left);
     if (count <= 0) {
       close(fd);
       return 0;
     }
     left -= count;
+    bp += count;
   }
   close (fd);
   data.length = sizeof (buf);
@@ -198,7 +200,7 @@ krb5_c_random_os_entropy (krb5_context context,
   int unused;
   int *oursuccess = success?success:&unused;
   *oursuccess = 0;
-  /* If we are getting strong data then try that first.  We aare
+  /* If we are getting strong data then try that first.  We are
      guaranteed to cause a reseed of some kind if strong is true and
      we have both /dev/random and /dev/urandom.  We want the strong
      data included in the reseed so we get it first.*/