Re: /dev/urandom uses uninit bytes, leaks user data

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, 14 Dec 2007 23:20:30 PST, Matti Linnanvuori said:
> From: Matti Linnanvuori <[email protected]>
> 
> /dev/urandom use no uninit bytes, leak no user data
> 
> Signed-off-by: Matti Linnanvuori <[email protected]>
> 
> ---
> 
> --- a/drivers/char/random.c	2007-12-15 09:09:37.895414000 +0200
> +++ b/drivers/char/random.c	2007-12-15 09:12:02.607831500 +0200
> @@ -689,7 +689,7 @@ static ssize_t extract_entropy(struct en
>   */
>  static void xfer_secondary_pool(struct entropy_store *r, size_t nbytes)
>  {
> -	__u32 tmp[OUTPUT_POOL_WORDS];
> +	static __u32 tmp[OUTPUT_POOL_WORDS];

This looks like a race waiting to happen - what lock is held so we don't have
'tmp' smashed by 2 instances on different CPUs (not a problem when each
instance lives on a hopefully separate stack)?

Attachment: pgpn1cthSeUUc.pgp
Description: PGP signature


[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]
  Powered by Linux