Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(78)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: patches/nss-urandom-abort.patch

Issue 1504923011: Update NSS to 3.21 RTM and NSPR to 4.11 RTM (Closed) Base URL: http://src.chromium.org/svn/trunk/deps/third_party/nss
Patch Set: Created 5 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« nss/lib/util/pkcs11n.h ('K') | « patches/nss-static.patch ('k') | scripts/nspr-checkout.sh » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 diff -r c3565a90b8c4 lib/freebl/unix_rand.c 1 diff --git a/lib/freebl/unix_rand.c b/lib/freebl/unix_rand.c
2 --- a/lib/freebl/unix_rand.c» Fri Jan 03 20:59:10 2014 +0100 2 index 579040e..2f9b3e5 100644
3 +++ b/lib/freebl/unix_rand.c» Tue Jan 07 11:28:59 2014 -0800 3 --- a/lib/freebl/unix_rand.c
4 @@ -916,8 +916,19 @@ 4 +++ b/lib/freebl/unix_rand.c
5 @@ -916,8 +916,19 @@ void RNG_SystemInfoForRNG(void)
5 #if defined(BSDI) || defined(FREEBSD) || defined(NETBSD) \ 6 #if defined(BSDI) || defined(FREEBSD) || defined(NETBSD) \
6 || defined(OPENBSD) || defined(DARWIN) || defined(LINUX) \ 7 || defined(OPENBSD) || defined(DARWIN) || defined(LINUX) \
7 || defined(HPUX) 8 || defined(HPUX)
8 - if (bytes) 9 - if (bytes)
9 + if (bytes == SYSTEM_RNG_SEED_COUNT) 10 + if (bytes == SYSTEM_RNG_SEED_COUNT)
10 return; 11 return;
11 + 12 +
12 + /* 13 + /*
13 + * Modified to abort the process if it failed to read from /dev/urandom. 14 + * Modified to abort the process if it failed to read from /dev/urandom.
14 + * 15 + *
15 + * See crbug.com/244661 for details. 16 + * See crbug.com/244661 for details.
16 + */ 17 + */
17 + fprintf(stderr, "[ERROR:%s(%d)] NSS read %zu bytes (expected %d bytes) " 18 + fprintf(stderr, "[ERROR:%s(%d)] NSS read %zu bytes (expected %d bytes) "
18 + "from /dev/urandom. Abort process.\n", __FILE__, __LINE__, 19 + "from /dev/urandom. Abort process.\n", __FILE__, __LINE__,
19 + bytes, SYSTEM_RNG_SEED_COUNT); 20 + bytes, SYSTEM_RNG_SEED_COUNT);
20 + fflush(stderr); 21 + fflush(stderr);
21 + abort(); 22 + abort();
22 #endif 23 #endif
23 24
24 #ifdef SOLARIS 25 #ifdef SOLARIS
25 @@ -1134,6 +1145,11 @@ 26 @@ -1134,6 +1145,11 @@ static void rng_systemJitter(void)
26 } 27 }
27 } 28 }
28 29
29 +/* 30 +/*
30 + * Modified to abort the process if it failed to read from /dev/urandom. 31 + * Modified to abort the process if it failed to read from /dev/urandom.
31 + * 32 + *
32 + * See crbug.com/244661 for details. 33 + * See crbug.com/244661 for details.
33 + */ 34 + */
34 size_t RNG_SystemRNG(void *dest, size_t maxLen) 35 size_t RNG_SystemRNG(void *dest, size_t maxLen)
35 { 36 {
36 FILE *file; 37 FILE *file;
37 @@ -1144,7 +1160,10 @@ 38 @@ -1144,7 +1160,10 @@ size_t RNG_SystemRNG(void *dest, size_t maxLen)
38 39
39 file = fopen("/dev/urandom", "r"); 40 file = fopen("/dev/urandom", "r");
40 if (file == NULL) { 41 if (file == NULL) {
41 - return rng_systemFromNoise(dest, maxLen); 42 - return rng_systemFromNoise(dest, maxLen);
42 + fprintf(stderr, "[ERROR:%s(%d)] NSS failed to read from /dev/urandom. " 43 + fprintf(stderr, "[ERROR:%s(%d)] NSS failed to read from /dev/urandom. "
43 + "Abort process.\n", __FILE__, __LINE__); 44 + "Abort process.\n", __FILE__, __LINE__);
44 + fflush(stderr); 45 + fflush(stderr);
45 + abort(); 46 + abort();
46 } 47 }
47 /* Read from the underlying file descriptor directly to bypass stdio 48 /* Read from the underlying file descriptor directly to bypass stdio
48 * buffering and avoid reading more bytes than we need from /dev/urandom. 49 * buffering and avoid reading more bytes than we need from /dev/urandom.
49 @@ -1164,8 +1183,10 @@ 50 @@ -1164,8 +1183,10 @@ size_t RNG_SystemRNG(void *dest, size_t maxLen)
50 } 51 }
51 fclose(file); 52 fclose(file);
52 if (fileBytes != maxLen) { 53 if (fileBytes != maxLen) {
53 - PORT_SetError(SEC_ERROR_NEED_RANDOM); /* system RNG failed */ 54 - PORT_SetError(SEC_ERROR_NEED_RANDOM); /* system RNG failed */
54 - fileBytes = 0; 55 - fileBytes = 0;
55 + fprintf(stderr, "[ERROR:%s(%d)] NSS failed to read from /dev/urandom. " 56 + fprintf(stderr, "[ERROR:%s(%d)] NSS failed to read from /dev/urandom. "
56 + "Abort process.\n", __FILE__, __LINE__); 57 + "Abort process.\n", __FILE__, __LINE__);
57 + fflush(stderr); 58 + fflush(stderr);
58 + abort(); 59 + abort();
59 } 60 }
60 return fileBytes; 61 return fileBytes;
61 } 62 }
OLDNEW
« nss/lib/util/pkcs11n.h ('K') | « patches/nss-static.patch ('k') | scripts/nspr-checkout.sh » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698