patches/nss-urandom-abort.patch - Issue 15990009: Call abort() if NSS cannot read from /dev/urandom.

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: patches/nss-urandom-abort.patch

Issue 15990009: Call abort() if NSS cannot read from /dev/urandom. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/deps/third_party/nss/

Patch Set: Created 7 years, 6 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
(Empty)
	1 Index: nss/lib/freebl/unix_rand.c

	2 ===================================================================

	3 --- nss/lib/freebl/unix_rand.c (revision 204056)

	4 +++ nss/lib/freebl/unix_rand.c (working copy)

	5 @@ -918,6 +918,16 @@

	6 \|\| defined(HPUX)

	7 if (bytes)

	8 return;

	9 +

	10 + /*

	11 + * Modified to abort the process if it failed to read from /dev/urandom.

	12 + *

	13 + * See crbug.com/244661 for details.

	14 + */

	15 + fprintf(stderr, "[ERROR:%s(%d)] NSS failed to read from /dev/urandom. "

	16 + "Abort process.\n", __FILE__, __LINE__);

	17 + fflush(stderr);

	18 + abort();

	19 #endif

	20

	21 #ifdef SOLARIS

	22 @@ -968,9 +978,8 @@

	23 /* suppress valgrind warnings due to holes in struct stat */

	24 memset(&stat_buf, 0, sizeof(stat_buf));

	25

	26 - if (stat((char *)fileName, &stat_buf) < 0)

	27 - return fileBytes;

	28 - RNG_RandomUpdate(&stat_buf, sizeof(stat_buf));

	29 + if (stat((char *)fileName, &stat_buf) == 0)

	30 + RNG_RandomUpdate(&stat_buf, sizeof(stat_buf));

	31

	32 file = fopen((char *)fileName, "r");

	33 if (file != NULL) {

	34 @@ -1132,7 +1141,15 @@

	35

	36 file = fopen("/dev/urandom", "r");

	37 if (file == NULL) {

	38 - return rng_systemFromNoise(dest, maxLen);

	39 + /*

	40 + * Modified to abort the process if it failed to read from /dev/urandom.

	41 + *

	42 + * See crbug.com/244661 for details.

	43 + */

	44 + fprintf(stderr, "[ERROR:%s(%d)] NSS failed to read from /dev/urandom. "

	45 + "Abort process.\n", __FILE__, __LINE__);

	46 + fflush(stderr);

	47 + abort();

	48 }

	49 while (maxLen > fileBytes) {

	50 bytes = maxLen - fileBytes;

OLD	NEW

« nss/lib/freebl/unix_rand.c ('K') | « nss/lib/freebl/unix_rand.c ('k') | no next file » | no next file with comments »