upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-04-22 23:02:02 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
opnsense-src/sys/dev/random
History
Conrad Meyer 9a88479843 Fortuna: fix a correctness issue in reseed (fortuna_pre_read) 
'i' counts the number of pools included in the array 's'.  Passing 'i+1' to
reseed_internal() as the number of blocks in 's' is a bogus overrun of the
initialized portion of 's' -- technically UB.

I found this via code inspection, referencing §9.5.2 "Pools" of the Fortuna
chapter, but I would expect Coverity to notice the same issue.
Unfortunately, it doesn't appear to.

Reviewed by:	markm
Approved by:	secteam (gordon)
Sponsored by:	Dell EMC Isilon
Differential Revision:	https://reviews.freebsd.org/D16985
2018-10-26 20:55:01 +00:00
..
build.sh Remove the Yarrow PRNG algorithm option in accordance with due notice 2018-08-26 12:51:46 +00:00
darn.c random: Add PowerPC 'darn' instruction entropy source 2018-08-17 03:49:07 +00:00
fortuna.c Fortuna: fix a correctness issue in reseed (fortuna_pre_read) 2018-10-26 20:55:01 +00:00
fortuna.h Huge cleanup of random(4) code. 2015-06-30 17:00:45 +00:00
hash.c Replace sys/crypto/sha2/sha2.c with lib/libmd/sha512c.c 2015-12-27 17:33:59 +00:00
hash.h * Address review (and add a bit myself). 2015-07-12 18:14:38 +00:00
ivy.c Fix rdrand_rng.ko and padlock_rng.ko dependencies, making modules 2016-04-16 06:10:47 +00:00
nehemiah.c Remove unused error return from API that cannot fail 2018-02-23 20:15:19 +00:00
other_algorithm.c Remove the Yarrow PRNG algorithm option in accordance with due notice 2018-08-26 12:51:46 +00:00
other_algorithm.h Remove the Yarrow PRNG algorithm option in accordance with due notice 2018-08-26 12:51:46 +00:00
random_harvestq.c random(4): Correct a bare zero to the appropriate enum 2018-10-20 21:06:15 +00:00
random_harvestq.h Remove the Yarrow PRNG algorithm option in accordance with due notice 2018-08-26 12:51:46 +00:00
random_infra.c Add DEV_RANDOM pseudo-option and use it to "include out" random(4) 2015-08-17 07:36:12 +00:00
randomdev.c random(4): Squash non-error timeout codes from tsleep(9). 2018-09-09 17:12:31 +00:00
randomdev.h Add DEV_RANDOM pseudo-option and use it to "include out" random(4) 2015-08-17 07:36:12 +00:00
uint128.h Huge cleanup of random(4) code. 2015-06-30 17:00:45 +00:00
unit_test.c Remove the Yarrow PRNG algorithm option in accordance with due notice 2018-08-26 12:51:46 +00:00
unit_test.h Remove the Yarrow PRNG algorithm option in accordance with due notice 2018-08-26 12:51:46 +00:00