generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Always DPURIFY

Browse Source 
The use of the uninitialized buffer in the RNG has no real security
benefits and is only a nuisance when using memory sanitizers.

Reviewed-by: Rich Salz <rsalz@openssl.org>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
This commit is contained in:
Emilia Kasper
2016-01-27 19:13:33 +01:00
parent a01dab9462
commit d8ca44ba41
7 changed files with 10 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
crypto/rand/randfile.c
View File

@@ -128,7 +128,6 @@ int RAND_load_file(const char *file, long bytes)
return (0);
#ifndef OPENSSL_NO_POSIX_IO
# ifdef PURIFY
/*
* struct stat can have padding and unused fields that may not be
* initialized in the call to stat(). We need to clear the entire
@@ -136,7 +135,6 @@ int RAND_load_file(const char *file, long bytes)
* applications such as Valgrind.
*/
memset(&sb, 0, sizeof(sb));
# endif
if (stat(file, &sb) < 0)
return (0);
RAND_add(&sb, sizeof(sb), 0.0);
@@ -170,12 +168,8 @@ int RAND_load_file(const char *file, long bytes)
i = fread(buf, 1, n, in);
if (i <= 0)
break;
#ifdef PURIFY
RAND_add(buf, i, (double)i);
#else
/* even if n != i, use the full array */
RAND_add(buf, n, (double)i);
#endif
ret += i;
if (bytes > 0) {
bytes -= n;