Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(16)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: patches/nss-urandom-abort.patch

Issue 1843333003: Update NSPR to 4.12 and NSS to 3.23 on iOS (Closed) Base URL: https://chromium.googlesource.com/chromium/deps/nss.git@master
Patch Set: Created 4 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« nss/lib/util/secoid.c ('K') | « patches/nss-static.patch ('k') | scripts/nspr-checkout.sh » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 diff --git a/lib/freebl/unix_rand.c b/lib/freebl/unix_rand.c 1 diff --git a/nss/lib/freebl/unix_rand.c b/nss/lib/freebl/unix_rand.c
2 index 579040e..2f9b3e5 100644 2 index c9674ea..e0d8f58 100644
3 --- a/lib/freebl/unix_rand.c 3 --- a/nss/lib/freebl/unix_rand.c
4 +++ b/lib/freebl/unix_rand.c 4 +++ b/nss/lib/freebl/unix_rand.c
5 @@ -916,8 +916,19 @@ void RNG_SystemInfoForRNG(void) 5 @@ -917,8 +917,19 @@ void RNG_SystemInfoForRNG(void)
6 #if defined(BSDI) || defined(FREEBSD) || defined(NETBSD) \ 6 #if defined(BSDI) || defined(FREEBSD) || defined(NETBSD) \
7 || defined(OPENBSD) || defined(DARWIN) || defined(LINUX) \ 7 || defined(OPENBSD) || defined(DARWIN) || defined(LINUX) \
8 || defined(HPUX) 8 || defined(HPUX)
9 - if (bytes) 9 - if (bytes)
10 + if (bytes == SYSTEM_RNG_SEED_COUNT) 10 + if (bytes == SYSTEM_RNG_SEED_COUNT)
11 return; 11 return;
12 + 12 +
13 + /* 13 + /*
14 + * Modified to abort the process if it failed to read from /dev/urandom. 14 + * Modified to abort the process if it failed to read from /dev/urandom.
15 + * 15 + *
16 + * See crbug.com/244661 for details. 16 + * See crbug.com/244661 for details.
17 + */ 17 + */
18 + fprintf(stderr, "[ERROR:%s(%d)] NSS read %zu bytes (expected %d bytes) " 18 + fprintf(stderr, "[ERROR:%s(%d)] NSS read %zu bytes (expected %d bytes) "
19 + "from /dev/urandom. Abort process.\n", __FILE__, __LINE__, 19 + "from /dev/urandom. Abort process.\n", __FILE__, __LINE__,
20 + bytes, SYSTEM_RNG_SEED_COUNT); 20 + bytes, SYSTEM_RNG_SEED_COUNT);
21 + fflush(stderr); 21 + fflush(stderr);
22 + abort(); 22 + abort();
23 #endif 23 #endif
24 24
25 #ifdef SOLARIS 25 #ifdef SOLARIS
26 @@ -1134,6 +1145,11 @@ static void rng_systemJitter(void) 26 @@ -1135,6 +1146,11 @@ static void rng_systemJitter(void)
27 } 27 }
28 } 28 }
29 29
30 +/* 30 +/*
31 + * Modified to abort the process if it failed to read from /dev/urandom. 31 + * Modified to abort the process if it failed to read from /dev/urandom.
32 + * 32 + *
33 + * See crbug.com/244661 for details. 33 + * See crbug.com/244661 for details.
34 + */ 34 + */
35 size_t RNG_SystemRNG(void *dest, size_t maxLen) 35 size_t RNG_SystemRNG(void *dest, size_t maxLen)
36 { 36 {
37 FILE *file; 37 FILE *file;
38 @@ -1144,7 +1160,10 @@ size_t RNG_SystemRNG(void *dest, size_t maxLen) 38 @@ -1145,7 +1161,10 @@ size_t RNG_SystemRNG(void *dest, size_t maxLen)
39 39
40 file = fopen("/dev/urandom", "r"); 40 file = fopen("/dev/urandom", "r");
41 if (file == NULL) { 41 if (file == NULL) {
42 - return rng_systemFromNoise(dest, maxLen); 42 - return rng_systemFromNoise(dest, maxLen);
43 + fprintf(stderr, "[ERROR:%s(%d)] NSS failed to read from /dev/urandom. " 43 + fprintf(stderr, "[ERROR:%s(%d)] NSS failed to read from /dev/urandom. "
44 + "Abort process.\n", __FILE__, __LINE__); 44 + "Abort process.\n", __FILE__, __LINE__);
45 + fflush(stderr); 45 + fflush(stderr);
46 + abort(); 46 + abort();
47 } 47 }
48 /* Read from the underlying file descriptor directly to bypass stdio 48 /* Read from the underlying file descriptor directly to bypass stdio
49 * buffering and avoid reading more bytes than we need from /dev/urandom. 49 * buffering and avoid reading more bytes than we need from /dev/urandom.
50 @@ -1164,8 +1183,10 @@ size_t RNG_SystemRNG(void *dest, size_t maxLen) 50 @@ -1165,8 +1184,10 @@ size_t RNG_SystemRNG(void *dest, size_t maxLen)
51 } 51 }
52 fclose(file); 52 fclose(file);
53 if (fileBytes != maxLen) { 53 if (fileBytes != maxLen) {
54 - PORT_SetError(SEC_ERROR_NEED_RANDOM); /* system RNG failed */ 54 - PORT_SetError(SEC_ERROR_NEED_RANDOM); /* system RNG failed */
55 - fileBytes = 0; 55 - fileBytes = 0;
56 + fprintf(stderr, "[ERROR:%s(%d)] NSS failed to read from /dev/urandom. " 56 + fprintf(stderr, "[ERROR:%s(%d)] NSS failed to read from /dev/urandom. "
57 + "Abort process.\n", __FILE__, __LINE__); 57 + "Abort process.\n", __FILE__, __LINE__);
58 + fflush(stderr); 58 + fflush(stderr);
59 + abort(); 59 + abort();
60 } 60 }
61 return fileBytes; 61 return fileBytes;
62 } 62 }
63 diff --git a/patches/nss-urandom-abort.patch b/patches/nss-urandom-abort.patch
64 index d5f55c8..e69de29 100644
65 --- a/patches/nss-urandom-abort.patch
66 +++ b/patches/nss-urandom-abort.patch
67 @@ -1,62 +0,0 @@
68 -diff --git a/lib/freebl/unix_rand.c b/lib/freebl/unix_rand.c
69 -index 579040e..2f9b3e5 100644
70 ---- a/lib/freebl/unix_rand.c
71 -+++ b/lib/freebl/unix_rand.c
72 -@@ -916,8 +916,19 @@ void RNG_SystemInfoForRNG(void)
73 - #if defined(BSDI) || defined(FREEBSD) || defined(NETBSD) \
74 - || defined(OPENBSD) || defined(DARWIN) || defined(LINUX) \
75 - || defined(HPUX)
76 -- if (bytes)
77 -+ if (bytes == SYSTEM_RNG_SEED_COUNT)
78 - return;
79 -+
80 -+ /*
81 -+ * Modified to abort the process if it failed to read from /dev/urandom.
82 -+ *
83 -+ * See crbug.com/244661 for details.
84 -+ */
85 -+ fprintf(stderr, "[ERROR:%s(%d)] NSS read %zu bytes (expected %d bytes) "
86 -+ "from /dev/urandom. Abort process.\n", __FILE__, __LINE__,
87 -+ bytes, SYSTEM_RNG_SEED_COUNT);
88 -+ fflush(stderr);
89 -+ abort();
90 - #endif
91 -
92 - #ifdef SOLARIS
93 -@@ -1134,6 +1145,11 @@ static void rng_systemJitter(void)
94 - }
95 - }
96 -
97 -+/*
98 -+ * Modified to abort the process if it failed to read from /dev/urandom.
99 -+ *
100 -+ * See crbug.com/244661 for details.
101 -+ */
102 - size_t RNG_SystemRNG(void *dest, size_t maxLen)
103 - {
104 - FILE *file;
105 -@@ -1144,7 +1160,10 @@ size_t RNG_SystemRNG(void *dest, size_t maxLen)
106 -
107 - file = fopen("/dev/urandom", "r");
108 - if (file == NULL) {
109 -- return rng_systemFromNoise(dest, maxLen);
110 -+ fprintf(stderr, "[ERROR:%s(%d)] NSS failed to read from /dev/urandom. "
111 -+ "Abort process.\n", __FILE__, __LINE__);
112 -+ fflush(stderr);
113 -+ abort();
114 - }
115 - /* Read from the underlying file descriptor directly to bypass stdio
116 - * buffering and avoid reading more bytes than we need from /dev/urandom.
117 -@@ -1164,8 +1183,10 @@ size_t RNG_SystemRNG(void *dest, size_t maxLen)
118 - }
119 - fclose(file);
120 - if (fileBytes != maxLen) {
121 -- PORT_SetError(SEC_ERROR_NEED_RANDOM); /* system RNG failed */
122 -- fileBytes = 0;
123 -+ fprintf(stderr, "[ERROR:%s(%d)] NSS failed to read from /dev/urandom. "
124 -+ "Abort process.\n", __FILE__, __LINE__);
125 -+ fflush(stderr);
126 -+ abort();
127 - }
128 - return fileBytes;
129 - }
OLDNEW
« nss/lib/util/secoid.c ('K') | « patches/nss-static.patch ('k') | scripts/nspr-checkout.sh » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698