mirror of
https://github.com/libexpat/libexpat.git
synced 2025-04-06 05:34:59 +00:00
xmlparse.c: Read /dev/urandom if non-blocking getrandom failed
This is in line with what recent Python does: 1) Calling getrandom with GRND_NONBLOCK1abcf6700b/Python/bootstrap_hash.c (L594)
2) Reading /dev/urandom if getrandom failed1abcf6700b/Python/bootstrap_hash.c (L503)
This commit is contained in:
parent
cfd6b138d6
commit
55839b633f
1 changed files with 40 additions and 1 deletions
|
@ -21,6 +21,8 @@
|
|||
#include <sys/time.h> /* gettimeofday() */
|
||||
#include <sys/types.h> /* getpid() */
|
||||
#include <unistd.h> /* getpid() */
|
||||
#include <fcntl.h> /* O_RDONLY */
|
||||
#include <errno.h>
|
||||
#endif
|
||||
|
||||
#define XML_BUILDING_EXPAT 1
|
||||
|
@ -36,7 +38,6 @@
|
|||
#include "siphash.h"
|
||||
|
||||
#if defined(HAVE_GETRANDOM) || defined(HAVE_SYSCALL_GETRANDOM)
|
||||
# include <errno.h>
|
||||
# if defined(HAVE_GETRANDOM)
|
||||
# include <sys/random.h> /* getrandom */
|
||||
# else
|
||||
|
@ -783,6 +784,39 @@ writeRandomBytes_getrandom_nonblock(void * target, size_t count) {
|
|||
#endif /* defined(HAVE_GETRANDOM) || defined(HAVE_SYSCALL_GETRANDOM) */
|
||||
|
||||
|
||||
#if ! defined(_WIN32)
|
||||
|
||||
/* Extract entropy from /dev/urandom */
|
||||
static int
|
||||
writeRandomBytes_dev_urandom(void * target, size_t count) {
|
||||
int success = 0; /* full count bytes written? */
|
||||
size_t bytesWrittenTotal = 0;
|
||||
|
||||
const int fd = open("/dev/urandom", O_RDONLY);
|
||||
if (fd < 0) {
|
||||
return 0;
|
||||
}
|
||||
|
||||
do {
|
||||
void * const currentTarget = (void*)((char*)target + bytesWrittenTotal);
|
||||
const size_t bytesToWrite = count - bytesWrittenTotal;
|
||||
|
||||
const ssize_t bytesWrittenMore = read(fd, currentTarget, bytesToWrite);
|
||||
|
||||
if (bytesWrittenMore > 0) {
|
||||
bytesWrittenTotal += bytesWrittenMore;
|
||||
if (bytesWrittenTotal >= count)
|
||||
success = 1;
|
||||
}
|
||||
} while (! success && (errno == EINTR));
|
||||
|
||||
close(fd);
|
||||
return success;
|
||||
}
|
||||
|
||||
#endif /* ! defined(_WIN32) */
|
||||
|
||||
|
||||
#if defined(HAVE_ARC4RANDOM)
|
||||
|
||||
static void
|
||||
|
@ -905,6 +939,11 @@ generate_hash_secret_salt(XML_Parser parser)
|
|||
return ENTROPY_DEBUG("getrandom", entropy);
|
||||
}
|
||||
#endif
|
||||
#if ! defined(_WIN32)
|
||||
if (writeRandomBytes_dev_urandom((void *)&entropy, sizeof(entropy))) {
|
||||
return ENTROPY_DEBUG("/dev/urandom", entropy);
|
||||
}
|
||||
#endif /* ! defined(_WIN32) */
|
||||
/* .. and self-made low quality for backup: */
|
||||
|
||||
/* Process ID is 0 bits entropy if attacker has local access */
|
||||
|
|
Loading…
Add table
Reference in a new issue