diff options
author | nia <nia@netbsd.org> | 2020-04-30 14:43:04 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2020-05-04 09:04:41 +0100 |
commit | 352933bd664e6145366b51b50821c8aefd652aa8 (patch) | |
tree | 7de0721d248fe8dc89d5275629ba704c5ea0cb51 /crypto | |
parent | 3c64c50bcf848bd341dd4c4541a70a76883f5147 (diff) |
rand_unix.c: Ensure requests to KERN_ARND don't exceed 256 bytes.
Requests for more than 256 bytes will fail.
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/11689)
(cherry picked from commit 7421f085005e0d7a1dd2fe61b991ff23cef91c22)
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/rand/rand_unix.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/crypto/rand/rand_unix.c b/crypto/rand/rand_unix.c index 177ee6958f..19b6138a1f 100644 --- a/crypto/rand/rand_unix.c +++ b/crypto/rand/rand_unix.c @@ -270,7 +270,7 @@ static ssize_t sysctl_random(char *buf, size_t buflen) mib[1] = KERN_ARND; do { - len = buflen; + len = buflen > 256 ? 256 : buflen; if (sysctl(mib, 2, buf, &len, NULL, 0) == -1) return done > 0 ? done : -1; done += len; |