Title: [186151] trunk/Source/WTF
Revision: 186151
Author: [email protected]
Date: 2015-06-30 17:36:18 -0700 (Tue, 30 Jun 2015)

Log Message

Errors in read() are not handled in WTF::cryptographicallyRandomValuesFromOS.
https://bugs.webkit.org/show_bug.cgi?id=146473

Patch by Keith Miller <[email protected]> on 2015-06-30
Reviewed by Filip Pizlo.

We were not checking if errors occurred in WTF::cryptographicallyRandomValuesFromOS.
We now buffer the data until enough bits of entropy exist to fill the buffer
rather than crash. Additionally, added two crash functions so we can distinguish
between the two reasons why we crashed in traces.

* wtf/OSRandomSource.cpp:
(WTF::crashUnableToOpenFD):
(WTF::crashUnableToReadFromFD):
(WTF::cryptographicallyRandomValuesFromOS):

Modified Paths

Diff

Modified: trunk/Source/WTF/ChangeLog (186150 => 186151)


--- trunk/Source/WTF/ChangeLog	2015-07-01 00:17:49 UTC (rev 186150)
+++ trunk/Source/WTF/ChangeLog	2015-07-01 00:36:18 UTC (rev 186151)
@@ -1,3 +1,20 @@
+2015-06-30  Keith Miller  <[email protected]>
+
+        Errors in read() are not handled in WTF::cryptographicallyRandomValuesFromOS.
+        https://bugs.webkit.org/show_bug.cgi?id=146473
+
+        Reviewed by Filip Pizlo.
+
+        We were not checking if errors occurred in WTF::cryptographicallyRandomValuesFromOS.
+        We now buffer the data until enough bits of entropy exist to fill the buffer
+        rather than crash. Additionally, added two crash functions so we can distinguish
+        between the two reasons why we crashed in traces.
+
+        * wtf/OSRandomSource.cpp:
+        (WTF::crashUnableToOpenFD):
+        (WTF::crashUnableToReadFromFD):
+        (WTF::cryptographicallyRandomValuesFromOS):
+
 2015-06-29  Dean Jackson  <[email protected]>
 
         Temporarily disable PICTURE_SIZES
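
Review bot: The function list in this ChangeLog entry names (WTF::crashUnableToOpenFD) and (WTF::crashUnableToReadFromFD), but the helpers added in wtf/OSRandomSource.cpp are crashUnableToOpenURandom and crashUnableToReadFromURandom. Update the entry so it matches the symbols that will show up in crash traces. The summary "buffer the data until enough bits of entropy exist" also does not describe what the code does, which is to retry read() after a short read or after EAGAIN/EINTR until length bytes have been copied; stating that directly would make the entry easier to search and audit later.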

Modified: trunk/Source/WTF/wtf/OSRandomSource.cpp (186150 => 186151)


--- trunk/Source/WTF/wtf/OSRandomSource.cpp	2015-07-01 00:17:49 UTC (rev 186150)
+++ trunk/Source/WTF/wtf/OSRandomSource.cpp	2015-07-01 00:36:18 UTC (rev 186151)
@@ -30,6 +30,7 @@
 #include <stdlib.h>
 
 #if OS(UNIX)
+#include <errno.h>
 #include <fcntl.h>
 #include <unistd.h>
 #endif
@@ -41,17 +42,37 @@
 
 namespace WTF {
 
+NEVER_INLINE NO_RETURN_DUE_TO_CRASH static void crashUnableToOpenURandom()
+{
+    CRASH();
+}
+
+NEVER_INLINE NO_RETURN_DUE_TO_CRASH static void crashUnableToReadFromURandom()
+{
+    CRASH();
+}
+    
 void cryptographicallyRandomValuesFromOS(unsigned char* buffer, size_t length)
 {
 #if OS(UNIX)
     int fd = open("/dev/urandom", O_RDONLY, 0);
     if (fd < 0)
-        CRASH(); // We need /dev/urandom for this API to work...
+        crashUnableToOpenURandom(); // We need /dev/urandom for this API to work...
 
-    if (read(fd, buffer, length) != static_cast<ssize_t>(length))
-        CRASH();
+    ssize_t amountRead = 0;
+    while (static_cast<size_t>(amountRead) < length) {
+        ssize_t currentRead = read(fd, buffer + amountRead, length - amountRead);
+        // We need to check for both EAGAIN and EINTR since on some systems /dev/urandom
+        // is blocking and on others it is non-blocking.
+        if (currentRead == -1) {
+            if (!(errno == EAGAIN || errno == EINTR))
+                crashUnableToReadFromURandom();
+        } else
+            amountRead += currentRead;
+    }
+    
+    close(fd);
 
-    close(fd);
 #elif OS(WINDOWS)
     HCRYPTPROV hCryptProv = 0;
     if (!CryptAcquireContext(&hCryptProv, 0, MS_DEF_PROV, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT))
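
Review bot: The new while loop in cryptographicallyRandomValuesFromOS does not handle read() returning 0. In that case `amountRead += currentRead` adds nothing, the condition `static_cast<size_t>(amountRead) < length` stays true, and the function spins forever instead of reaching crashUnableToReadFromURandom(). For a source of cryptographic randomness, failing closed is preferable to hanging, so treat `currentRead == 0` as a fatal read failure alongside the non-retryable errno case. The EAGAIN branch also retries immediately with no wait, so it busy-loops for as long as the descriptor keeps returning EAGAIN. Finally, crashUnableToOpenURandom() and crashUnableToReadFromURandom() have identical bodies; NEVER_INLINE prevents inlining, but it is worth confirming that the linker does not fold identical functions, since that would defeat the goal of telling the two failures apart in traces.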