From 22eedc9722746206bf2f8b0c5fcdab58917c7bd5 Mon Sep 17 00:00:00 2001 From: Conrad Meyer Date: Tue, 18 Jun 2019 18:50:58 +0000 Subject: [PATCH] random(4): Fix a regression in short AES mode reads In r349154, random device reads of size < 16 bytes (AES block size) were accidentally broken to loop forever. Correct the loop condition for small reads. Reported by: pho Reviewed by: delphij Approved by: secteam(delphij) Differential Revision: https://reviews.freebsd.org/D20686 --- sys/dev/random/fortuna.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sys/dev/random/fortuna.c b/sys/dev/random/fortuna.c index f7f8a753c790..0e66ba3e97f6 100644 --- a/sys/dev/random/fortuna.c +++ b/sys/dev/random/fortuna.c @@ -489,7 +489,7 @@ random_fortuna_genbytes(uint8_t *buf, size_t bytecount, if (!random_chachamode) chunk_size = rounddown(chunk_size, RANDOM_BLOCKSIZE); - while (bytecount >= chunk_size) { + while (bytecount >= chunk_size && chunk_size > 0) { randomdev_keystream(p_key, p_counter, buf, chunk_size); buf += chunk_size;