rand_unix.c: Ensure requests to KERN_ARND don't exceed 256 bytes.

Requests for more than 256 bytes will fail. Reviewed-by: Paul Dale <paul.dale@oracle.com> Reviewed-by: Matt Caswell <matt@openssl.org> (Merged from https://github.com/openssl/openssl/pull/11689) (cherry picked from commit 7421f085005e0d7a1dd2fe61b991ff23cef91c22)
author: nia <nia@netbsd.org> 2020-04-30 14:43:04 +0100
committer: Matt Caswell <matt@openssl.org> 2020-05-04 09:04:41 +0100
commit: 352933bd664e6145366b51b50821c8aefd652aa8 (patch)
tree: 7de0721d248fe8dc89d5275629ba704c5ea0cb51 /crypto
parent: 3c64c50bcf848bd341dd4c4541a70a76883f5147 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/crypto/rand/rand_unix.c b/crypto/rand/rand_unix.c
index 177ee6958f..19b6138a1f 100644
--- a/crypto/rand/rand_unix.c
+++ b/crypto/rand/rand_unix.c
@@ -270,7 +270,7 @@ static ssize_t sysctl_random(char *buf, size_t buflen)
     mib[1] = KERN_ARND;
 
     do {
-        len = buflen;
+        len = buflen > 256 ? 256 : buflen;
         if (sysctl(mib, 2, buf, &len, NULL, 0) == -1)
             return done > 0 ? done : -1;
         done += len;
author	nia <nia@netbsd.org>	2020-04-30 14:43:04 +0100
committer	Matt Caswell <matt@openssl.org>	2020-05-04 09:04:41 +0100
commit	352933bd664e6145366b51b50821c8aefd652aa8 (patch)
tree	7de0721d248fe8dc89d5275629ba704c5ea0cb51 /crypto
parent	3c64c50bcf848bd341dd4c4541a70a76883f5147 (diff)