[openssl] OpenSSL_1_1_1-stable update

Dr. Paul Dale pauli at openssl.org
Sat Aug 24 06:46:08 UTC 2019


The branch OpenSSL_1_1_1-stable has been updated
       via  4bdab2571782393e4ba3acb8578c415ce1575a75 (commit)
      from  738da3d0b8c63994e77d22457f8479c23e08b361 (commit)


- Log -----------------------------------------------------------------
commit 4bdab2571782393e4ba3acb8578c415ce1575a75
Author: Pauli <paul.dale at oracle.com>
Date:   Sat Aug 24 16:13:24 2019 +1000

    Avoid overflowing FDSET when using select(2).
    
    There is a problem in the rand_unix.c code when the random seed fd is greater
    than or equal to FD_SETSIZE and the FDSET overruns its limit and walks the
    stack.
    
    Reviewed-by: Bernd Edlinger <bernd.edlinger at hotmail.de>
    (Merged from https://github.com/openssl/openssl/pull/9686)
    
    (cherry picked from commit e1f8584d47a499301fba781086af6885fcf21fec)

-----------------------------------------------------------------------

Summary of changes:
 crypto/rand/rand_unix.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/crypto/rand/rand_unix.c b/crypto/rand/rand_unix.c
index 0d449d235a..258fef7eb0 100644
--- a/crypto/rand/rand_unix.c
+++ b/crypto/rand/rand_unix.c
@@ -411,7 +411,7 @@ static int wait_random_seeded(void)
             }
             /* Open /dev/random and wait for it to be readable */
             if ((fd = open(DEVRANDOM_WAIT, O_RDONLY)) != -1) {
-                if (DEVRANDM_WAIT_USE_SELECT) {
+                if (DEVRANDM_WAIT_USE_SELECT && fd < FD_SETSIZE) {
                     FD_ZERO(&fds);
                     FD_SET(fd, &fds);
                     while ((r = select(fd + 1, &fds, NULL, NULL, NULL)) < 0
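
Review bot: the new `fd < FD_SETSIZE` test on the `if` line routes a high-numbered descriptor to whatever follows this `if`, and nothing in the hunk shows or documents what that path does. If it falls through without blocking on DEVRANDOM_WAIT, the wait for the seed source is silently skipped in any process where open() returns a descriptor at or above FD_SETSIZE. Please add a short comment above the condition stating the intended fallback (for example a blocking read, or poll(2), which has no FD_SETSIZE limit). The existing comment "Open /dev/random and wait for it to be readable" could also note that `FD_SET(fd, &fds)` with fd >= FD_SETSIZE is the out-of-bounds write this check avoids. Minor style point: the macro is spelled DEVRANDM_WAIT_USE_SELECT while its sibling is DEVRANDOM_WAIT, which is worth fixing in a separate change.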

