WolfSSL
/
wolfssl
mirror of https://github.com/wolfSSL/wolfssl.git
1
0
Fork 0
Code Issues Releases Wiki Activity

src/ssl.c: refactor fix in wolfSSL_RAND_bytes() for race on initGlobalRNG to retain the initial check on initGlobalRNG, and just recheck it, to avoid possible access to uninitialized globalRNGMutex.

pull/7473/head
Daniel Pouzzner 2024-04-25 23:47:39 -05:00
parent 59290cd066
commit 442d3f30cc
1 changed files with 17 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

30
src/ssl.c
View File

@ -289,7 +289,7 @@ int wc_OBJ_sn2nid(const char *sn)
#define HAVE_GLOBAL_RNG /* consolidate flags for using globalRNG */ #define HAVE_GLOBAL_RNG /* consolidate flags for using globalRNG */
static WC_RNG globalRNG; static WC_RNG globalRNG;
static int initGlobalRNG = 0; static volatile int initGlobalRNG = 0;
static WC_MAYBE_UNUSED wolfSSL_Mutex globalRNGMutex static WC_MAYBE_UNUSED wolfSSL_Mutex globalRNGMutex
WOLFSSL_MUTEX_INITIALIZER_CLAUSE(globalRNGMutex); WOLFSSL_MUTEX_INITIALIZER_CLAUSE(globalRNGMutex);
@ -23925,22 +23925,26 @@ int wolfSSL_RAND_bytes(unsigned char* buf, int num)
} }
#endif #endif
#ifdef HAVE_GLOBAL_RNG #ifdef HAVE_GLOBAL_RNG
if (wc_LockMutex(&globalRNGMutex) != 0) { if (initGlobalRNG) {
WOLFSSL_MSG("Bad Lock Mutex rng"); if (wc_LockMutex(&globalRNGMutex) != 0) {
return ret; WOLFSSL_MSG("Bad Lock Mutex rng");
return ret;
}
/* the above access to initGlobalRNG is racey -- recheck it now that we
* have the lock.
*/
if (initGlobalRNG) {
rng = &globalRNG;
used_global = 1;
}
else {
wc_UnLockMutex(&globalRNGMutex);
}
} }
if (initGlobalRNG) { if (used_global == 0)
rng = &globalRNG;
used_global = 1;
}
else
#endif #endif
{ {
#ifdef HAVE_GLOBAL_RNG
wc_UnLockMutex(&globalRNGMutex);
#endif
#ifdef WOLFSSL_SMALL_STACK #ifdef WOLFSSL_SMALL_STACK
tmpRNG = (WC_RNG*)XMALLOC(sizeof(WC_RNG), NULL, DYNAMIC_TYPE_RNG); tmpRNG = (WC_RNG*)XMALLOC(sizeof(WC_RNG), NULL, DYNAMIC_TYPE_RNG);
if (tmpRNG == NULL) if (tmpRNG == NULL)