From 4bdab2571782393e4ba3acb8578c415ce1575a75 Mon Sep 17 00:00:00 2001 From: Pauli Date: Sat, 24 Aug 2019 16:13:24 +1000 Subject: [PATCH] Avoid overflowing FDSET when using select(2). There is a problem in the rand_unix.c code when the random seed fd is greater than or equal to FD_SETSIZE and the FDSET overruns its limit and walks the stack. Reviewed-by: Bernd Edlinger (Merged from https://github.com/openssl/openssl/pull/9686) (cherry picked from commit e1f8584d47a499301fba781086af6885fcf21fec) --- crypto/rand/rand_unix.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/rand/rand_unix.c b/crypto/rand/rand_unix.c index 0d449d235a..258fef7eb0 100644 --- a/crypto/rand/rand_unix.c +++ b/crypto/rand/rand_unix.c @@ -411,7 +411,7 @@ static int wait_random_seeded(void) } /* Open /dev/random and wait for it to be readable */ if ((fd = open(DEVRANDOM_WAIT, O_RDONLY)) != -1) { - if (DEVRANDM_WAIT_USE_SELECT) { + if (DEVRANDM_WAIT_USE_SELECT && fd < FD_SETSIZE) { FD_ZERO(&fds); FD_SET(fd, &fds); while ((r = select(fd + 1, &fds, NULL, NULL, NULL)) < 0 -- 2.25.1