Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(144)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: patches/nss-urandom-abort.patch

Issue 2078763002: Delete bundled copy of NSS and replace with README. (Closed) Base URL: https://chromium.googlesource.com/chromium/deps/nss@master
Patch Set: Delete bundled copy of NSS and replace with README. Created 4 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « patches/nss-static.patch ('k') | patches/prcpucfg.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 diff --git a/nss/lib/freebl/unix_rand.c b/nss/lib/freebl/unix_rand.c
2 index c9674ea..e0d8f58 100644
3 --- a/nss/lib/freebl/unix_rand.c
4 +++ b/nss/lib/freebl/unix_rand.c
5 @@ -917,8 +917,19 @@ void RNG_SystemInfoForRNG(void)
6 #if defined(BSDI) || defined(FREEBSD) || defined(NETBSD) \
7 || defined(OPENBSD) || defined(DARWIN) || defined(LINUX) \
8 || defined(HPUX)
9 - if (bytes)
10 + if (bytes == SYSTEM_RNG_SEED_COUNT)
11 return;
12 +
13 + /*
14 + * Modified to abort the process if it failed to read from /dev/urandom.
15 + *
16 + * See crbug.com/244661 for details.
17 + */
18 + fprintf(stderr, "[ERROR:%s(%d)] NSS read %zu bytes (expected %d bytes) "
19 + "from /dev/urandom. Abort process.\n", __FILE__, __LINE__,
20 + bytes, SYSTEM_RNG_SEED_COUNT);
21 + fflush(stderr);
22 + abort();
23 #endif
24
25 #ifdef SOLARIS
26 @@ -1135,6 +1146,11 @@ static void rng_systemJitter(void)
27 }
28 }
29
30 +/*
31 + * Modified to abort the process if it failed to read from /dev/urandom.
32 + *
33 + * See crbug.com/244661 for details.
34 + */
35 size_t RNG_SystemRNG(void *dest, size_t maxLen)
36 {
37 FILE *file;
38 @@ -1145,7 +1161,10 @@ size_t RNG_SystemRNG(void *dest, size_t maxLen)
39
40 file = fopen("/dev/urandom", "r");
41 if (file == NULL) {
42 - return rng_systemFromNoise(dest, maxLen);
43 + fprintf(stderr, "[ERROR:%s(%d)] NSS failed to read from /dev/urandom. "
44 + "Abort process.\n", __FILE__, __LINE__);
45 + fflush(stderr);
46 + abort();
47 }
48 /* Read from the underlying file descriptor directly to bypass stdio
49 * buffering and avoid reading more bytes than we need from /dev/urandom.
50 @@ -1165,8 +1184,10 @@ size_t RNG_SystemRNG(void *dest, size_t maxLen)
51 }
52 fclose(file);
53 if (fileBytes != maxLen) {
54 - PORT_SetError(SEC_ERROR_NEED_RANDOM); /* system RNG failed */
55 - fileBytes = 0;
56 + fprintf(stderr, "[ERROR:%s(%d)] NSS failed to read from /dev/urandom. "
57 + "Abort process.\n", __FILE__, __LINE__);
58 + fflush(stderr);
59 + abort();
60 }
61 return fileBytes;
62 }
63 diff --git a/patches/nss-urandom-abort.patch b/patches/nss-urandom-abort.patch
64 index d5f55c8..e69de29 100644
65 --- a/patches/nss-urandom-abort.patch
66 +++ b/patches/nss-urandom-abort.patch
67 @@ -1,62 +0,0 @@
68 -diff --git a/lib/freebl/unix_rand.c b/lib/freebl/unix_rand.c
69 -index 579040e..2f9b3e5 100644
70 ---- a/lib/freebl/unix_rand.c
71 -+++ b/lib/freebl/unix_rand.c
72 -@@ -916,8 +916,19 @@ void RNG_SystemInfoForRNG(void)
73 - #if defined(BSDI) || defined(FREEBSD) || defined(NETBSD) \
74 - || defined(OPENBSD) || defined(DARWIN) || defined(LINUX) \
75 - || defined(HPUX)
76 -- if (bytes)
77 -+ if (bytes == SYSTEM_RNG_SEED_COUNT)
78 - return;
79 -+
80 -+ /*
81 -+ * Modified to abort the process if it failed to read from /dev/urandom.
82 -+ *
83 -+ * See crbug.com/244661 for details.
84 -+ */
85 -+ fprintf(stderr, "[ERROR:%s(%d)] NSS read %zu bytes (expected %d bytes) "
86 -+ "from /dev/urandom. Abort process.\n", __FILE__, __LINE__,
87 -+ bytes, SYSTEM_RNG_SEED_COUNT);
88 -+ fflush(stderr);
89 -+ abort();
90 - #endif
91 -
92 - #ifdef SOLARIS
93 -@@ -1134,6 +1145,11 @@ static void rng_systemJitter(void)
94 - }
95 - }
96 -
97 -+/*
98 -+ * Modified to abort the process if it failed to read from /dev/urandom.
99 -+ *
100 -+ * See crbug.com/244661 for details.
101 -+ */
102 - size_t RNG_SystemRNG(void *dest, size_t maxLen)
103 - {
104 - FILE *file;
105 -@@ -1144,7 +1160,10 @@ size_t RNG_SystemRNG(void *dest, size_t maxLen)
106 -
107 - file = fopen("/dev/urandom", "r");
108 - if (file == NULL) {
109 -- return rng_systemFromNoise(dest, maxLen);
110 -+ fprintf(stderr, "[ERROR:%s(%d)] NSS failed to read from /dev/urandom. "
111 -+ "Abort process.\n", __FILE__, __LINE__);
112 -+ fflush(stderr);
113 -+ abort();
114 - }
115 - /* Read from the underlying file descriptor directly to bypass stdio
116 - * buffering and avoid reading more bytes than we need from /dev/urandom.
117 -@@ -1164,8 +1183,10 @@ size_t RNG_SystemRNG(void *dest, size_t maxLen)
118 - }
119 - fclose(file);
120 - if (fileBytes != maxLen) {
121 -- PORT_SetError(SEC_ERROR_NEED_RANDOM); /* system RNG failed */
122 -- fileBytes = 0;
123 -+ fprintf(stderr, "[ERROR:%s(%d)] NSS failed to read from /dev/urandom. "
124 -+ "Abort process.\n", __FILE__, __LINE__);
125 -+ fflush(stderr);
126 -+ abort();
127 - }
128 - return fileBytes;
129 - }
OLDNEW
« no previous file with comments | « patches/nss-static.patch ('k') | patches/prcpucfg.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698