From 352933bd664e6145366b51b50821c8aefd652aa8 Mon Sep 17 00:00:00 2001
From: nia
Date: Thu, 30 Apr 2020 14:43:04 +0100
Subject: [PATCH] rand_unix.c: Ensure requests to KERN_ARND don't exceed 256 bytes.
Requests for more than 256 bytes will fail.
Reviewed-by: Paul Dale
Reviewed-by: Matt Caswell
(Merged from https://github.com/openssl/openssl/pull/11689)
(cherry picked from commit 7421f085005e0d7a1dd2fe61b991ff23cef91c22)
---
 crypto/rand/rand_unix.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/crypto/rand/rand_unix.c b/crypto/rand/rand_unix.c
index 177ee6958f..19b6138a1f 100644
--- a/crypto/rand/rand_unix.c
+++ b/crypto/rand/rand_unix.c
@@ -270,7 +270,7 @@ static ssize_t sysctl_random(char *buf, size_t buflen)
 mib[1] = KERN_ARND;

 do {
- len = buflen;
+ len = buflen > 256 ? 256 : buflen;
 if (sysctl(mib, 2, buf, &len, NULL, 0) == -1)
 return done > 0 ? done : -1;
 done += len;
-- 
2.25.1
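Review bot: The literal `256` in `len = buflen > 256 ? 256 : buflen;` carries no explanation in the code; the reason given in the commit message belongs next to it, for example `/* KERN_ARND fails for requests larger than 256 bytes, so read in chunks */`, or as a named constant. Because a large buffer is now filled by several sysctl calls, a failure after the first chunk leaves through `return done > 0 ? done : -1;` with a short count, so the caller has to treat any return smaller than buflen as a partial fill of random data rather than success; that caller is not visible here. The rest of the do-loop lies outside the hunk, so whether a zero-length result from sysctl could keep it from terminating cannot be checked from these lines.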