kern: zero out stack buffer after copying out random bits
The kern.arandom sysctl handler uses an intermediate buffer on the stack to hold random data that it subsequently copies out to the sysctl request. Err on the side of caution and zero out the stack buffer after we're done with it to avoid a potential entropy leak later on. Reviewed by: cem, emaste, markj MFC after: 3 days Differential Revision: https://reviews.freebsd.org/D45978
This commit is contained in:
+5
-1
@@ -182,10 +182,14 @@ sysctl_kern_arnd(SYSCTL_HANDLER_ARGS)
|
||||
{
|
||||
char buf[256];
|
||||
size_t len;
|
||||
int error;
|
||||
|
||||
len = MIN(req->oldlen, sizeof(buf));
|
||||
read_random(buf, len);
|
||||
return (SYSCTL_OUT(req, buf, len));
|
||||
|
||||
error = SYSCTL_OUT(req, buf, len);
|
||||
explicit_bzero(buf, len);
|
||||
return (error);
|
||||
}
|
||||
|
||||
SYSCTL_PROC(_kern, KERN_ARND, arandom,
|
||||
|
||||
Reference in New Issue
Block a user