random: ctr_drbg: Check entropy_get_entropy return

entropy_get_entropy return is not being checked what may result in a
vulnerability because tc_ctr_prng_reseed will not get proper entropy
data.

Fixes #29869

Signed-off-by: Flavio Ceolin <flavio.ceolin@intel.com>
This commit is contained in:
Flavio Ceolin 2020-11-11 10:38:38 -08:00 committed by Maureen Helm
commit 6ac3d0b5b1

View file

@ -130,8 +130,12 @@ int z_impl_sys_csrand_get(void *dst, uint32_t outlen)
ret = 0;
} else if (ret == TC_CTR_PRNG_RESEED_REQ) {
entropy_get_entropy(entropy_driver,
ret = entropy_get_entropy(entropy_driver,
(void *)&entropy, sizeof(entropy));
if (ret != 0) {
ret = -EIO;
goto end;
}
ret = tc_ctr_prng_reseed(&ctr_ctx,
entropy,
@ -146,6 +150,7 @@ int z_impl_sys_csrand_get(void *dst, uint32_t outlen)
} else {
ret = -EIO;
}
end:
#endif
irq_unlock(key);