Re: [PATCH 06/10] Switch from using os_random() to using os_get_random(...) in ieee802_1x_kay_create_mka(...)

On Sun, Feb 14, 2016 at 07:38:37PM +0000, Nick Lowe wrote:
>  Switch from using os_random() to using os_get_random(...) in
>  ieee802_1x_kay_create_mka(...)
>
>  The intention is to facilitate the future removal of os_random().
>  os_random() uses a low quality PRNG which we should avoid using outright
>  unless there is a compelling performance justification to do so.

> diff --git a/src/pae/ieee802_1x_kay.c b/src/pae/ieee802_1x_kay.c
> index ef74430..8053b61 100644
> --- a/src/pae/ieee802_1x_kay.c
> +++ b/src/pae/ieee802_1x_kay.c
> @@ -3384,7 +3384,9 @@ ieee802_1x_kay_create_mka(struct ieee802_1x_kay
> *kay, struct mka_key_name *ckn,
>      wpa_hexdump(MSG_DEBUG, "KaY: Participant created:",
>              ckn->name, ckn->len);
> 
> -    usecs = os_random() % (MKA_HELLO_TIME * 1000);
> +    if (os_get_random((u8 *) &usecs, sizeof(usecs)) < 0)
> +        goto fail;
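
Review bot: The added os_get_random((u8 *) &usecs, sizeof(usecs)) call fills every byte of usecs, so at this point the value is no longer bounded the way the removed os_random() % (MKA_HELLO_TIME * 1000) was. The hunk header gives nine new-side lines and the quote stops after two added lines, so the reduction is not visible here; the % (MKA_HELLO_TIME * 1000) step needs to follow the call, and usecs should be an unsigned type so that random bytes with the top bit set cannot yield a negative remainder. The new goto fail also sits after the "KaY: Participant created:" debug line, so the fail label has to undo everything done before that line.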

This error handling is not correct. dl_list_add() was used previously to
add the entry to a list and os_free(participant) in the fail label would
leave freed memory in the list, resulting in a process crash in the best
case.
 
-- 
Jouni Malinen                                            PGP id EFC895FA

_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap
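
The failure-path problem described in the reply above, shown as an added example that is not part of the original thread or of the hostap code: once an entry has been linked into a list, an error path has to unlink it before freeing it. The list helpers, get_random(), rng_fail and create_participant() are hypothetical stand-ins, and the RNG stub returns constructed bytes.

```c
#include <stdlib.h>
#include <stddef.h>

/* Minimal intrusive list; a stand-in for the list type used in the patch. */
struct list { struct list *next, *prev; };
static void list_init(struct list *l) { l->next = l->prev = l; }
static void list_add(struct list *head, struct list *item) {
    item->next = head->next; item->prev = head;
    head->next->prev = item; head->next = item;
}
static void list_del(struct list *item) {
    item->next->prev = item->prev; item->prev->next = item->next;
    item->next = item->prev = NULL;
}
static int list_len(const struct list *head) {
    int n = 0;
    for (const struct list *p = head->next; p != head; p = p->next) n++;
    return n;
}

struct participant { struct list node; unsigned int usecs; };

/* Hypothetical RNG stub: fails when rng_fail is set; otherwise fills buf
 * with constructed bytes (a real build would call the OS RNG here). */
static int rng_fail;
static int get_random(unsigned char *buf, size_t len) {
    if (rng_fail) return -1;
    for (size_t i = 0; i < len; i++) buf[i] = (unsigned char) (0xA5 ^ i);
    return 0;
}

/* Returns the new participant, or NULL with the list left unchanged. */
struct participant *create_participant(struct list *head, unsigned int max_usecs) {
    struct participant *p = calloc(1, sizeof(*p));
    if (!p) return NULL;
    list_add(head, &p->node);   /* entry is reachable from the list from here on */
    if (get_random((unsigned char *) &p->usecs, sizeof(p->usecs)) < 0)
        goto fail;
    p->usecs %= max_usecs;      /* unsigned, so the remainder stays in range */
    return p;
fail:
    list_del(&p->node);         /* without this, the list keeps a pointer to freed memory */
    free(p);
    return NULL;
}
```

Drawing the random value before list_add() is the other way to keep the error path simple, since nothing then needs unlinking.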