[PATCH] DRBG: fix failure of generating multiple of 2**16 bytes

Stephan Mueller Thu, 31 Jul 2014 23:47:26 -0700

The function drbg_generate_long slices the request into 2**16 byte
or smaller chunks. However, the loop, however invokes the random number
generation function with zero bytes when the request size is a multiple
of 2**16 bytes. The fix prevents zero bytes requests.


Signed-off-by: Stephan Mueller <smuel...@chronox.de>
---
 crypto/drbg.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/crypto/drbg.c b/crypto/drbg.c
index ff975d9..7894db9 100644
--- a/crypto/drbg.c
+++ b/crypto/drbg.c
@@ -1500,7 +1500,7 @@ static int drbg_generate_long(struct drbg_state *drbg,
                if (0 >= tmplen)
                        return tmplen;
                len += tmplen;
-       } while (slice > 0);
+       } while (slice > 0 && (len < buflen));
        return len;
 }
 
-- 
1.9.3


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

[PATCH] DRBG: fix failure of generating multiple of 2**16 bytes

Reply via email to