Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

src: fix CSPRNG when length exceeds INT_MAX #47515

Merged

Commits on Apr 11, 2023

  1. src: fix CSPRNG when length exceeds INT_MAX

    CSPRNG implicitly casts the size_t length argument to a signed int when
    calling RAND_bytes(), which leaves it up to the caller to ensure that
    the length argument actually fits into such a signed int. However, not
    all call sites explicitly ensure that, which could lead to subtle bugs.
    
    In OpenSSL 3, use RAND_bytes_ex() instead, which does not require
    casting the length to a signed int.
    
    In OpenSSL 1.1.1, RAND_bytes_ex() is not supported, thus we have to
    process blocks of size INT_MAX one by one.
    tniessen committed Apr 11, 2023
    Configuration menu
    Copy the full SHA
    0ae6971 View commit details
    Browse the repository at this point in the history