On Fri, Apr 24, 2026 at 09:48 +0800, Kevin J. McCarthy wrote:
Ah, sorry. Yes, the code is executed. The whole snippet is:
    if ((res == (size_t) -1) || (res < length_requested))
    {
      if (res < length_requested)
      {
        length_requested -= res;
        random_bytes += res;
      }
      prng_random_bytes(random_bytes, length_requested);
    }
I don't know what prng_random_bytes() is, so don't quite know the
intent here. But counting on (res < length_requested) when getrandom()
failed seems like pushing C pretty hard.
I'd be inclined to completely separate the error case (-1) from
everything else. Just detect -1 one time, with ==.
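
Added example (not part of the original message, and not the project's code): one way to separate the -1 error case from the short-read case, as suggested above. The names fill_random, entropy_fn, fallback_fn and the src_*/fb_fill stand-ins are hypothetical; the source is assumed to behave like getrandom(2) and the fallback stands in for prng_random_bytes().

```c
#include <stddef.h>
#include <string.h>
#include <sys/types.h>

/* Hypothetical signatures: src is shaped like getrandom(2) (bytes written,
 * or -1 on error); fb stands in for the thread's prng_random_bytes(). */
typedef ssize_t (*entropy_fn)(void *buf, size_t len);
typedef void (*fallback_fn)(unsigned char *buf, size_t len);

/* Fill buf with len bytes. Returns how many bytes came from the fallback. */
size_t fill_random(unsigned char *buf, size_t len, entropy_fn src, fallback_fn fb)
{
  ssize_t res = src(buf, len);      /* keep the result signed */

  if (res == -1)                    /* error: tested once, with == */
  {
    fb(buf, len);                   /* nothing usable was written */
    return len;
  }

  size_t got = (size_t) res;        /* res >= 0 here, conversion is safe */
  if (got < len)                    /* short read: top up only the tail */
  {
    fb(buf + got, len - got);
    return len - got;
  }
  return 0;
}

/* Constructed stand-ins so all three paths run offline. */
static ssize_t src_fail(void *buf, size_t len) { (void) buf; (void) len; return -1; }
static ssize_t src_short(void *buf, size_t len)
{
  size_t n = len < 3 ? len : 3;
  memset(buf, 0xAA, n);
  return (ssize_t) n;
}
static ssize_t src_full(void *buf, size_t len) { memset(buf, 0xAA, len); return (ssize_t) len; }
static void fb_fill(unsigned char *buf, size_t len) { memset(buf, 0x55, len); }

int main(void)
{
  unsigned char b[8];
  size_t a = fill_random(b, sizeof b, src_fail, fb_fill);
  size_t c = fill_random(b, sizeof b, src_short, fb_fill);
  size_t d = fill_random(b, sizeof b, src_full, fb_fill);
  return (a == 8 && c == 5 && d == 0) ? 0 : 1;
}
```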