michaelh/zephyr
1
0
Fork 0
Code Releases Activity

random: ctr_drbg: Check entropy_get_entropy return

Browse source 
entropy_get_entropy return is not being checked what may result in a
vulnerability because tc_ctr_prng_reseed will not get proper entropy
data.

Fixes #29869

Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
This commit is contained in:
Flavio Ceolin 2020-11-11 10:38:38 -08:00 committed by Maureen Helm
commit 6ac3d0b5b1
1 changed files with 6 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

7
subsys/random/rand32_ctr_drbg.c
View file

@ -130,8 +130,12 @@ int z_impl_sys_csrand_get(void *dst, uint32_t outlen)
ret = 0;
} else if (ret == TC_CTR_PRNG_RESEED_REQ) {
entropy_get_entropy(entropy_driver,
ret = entropy_get_entropy(entropy_driver,
(void *)&entropy, sizeof(entropy));
if (ret != 0) {
ret = -EIO;
goto end;
}
ret = tc_ctr_prng_reseed(&ctr_ctx,
entropy,
@ -146,6 +150,7 @@ int z_impl_sys_csrand_get(void *dst, uint32_t outlen)
} else {
ret = -EIO;
}
end:
#endif
irq_unlock(key);