render / rpms / libvirt

Forked from rpms/libvirt 9 months ago
Clone
8d8641
From 9f6fbc0d4d4fd12d51ae8e9ac4152bc0bc835c24 Mon Sep 17 00:00:00 2001
8d8641
Message-Id: <9f6fbc0d4d4fd12d51ae8e9ac4152bc0bc835c24@dist-git>
8d8641
From: Michal Privoznik <mprivozn@redhat.com>
8d8641
Date: Mon, 21 Jan 2019 09:04:10 -0500
8d8641
Subject: [PATCH] util: Don't overflow in virRandomBits
8d8641
MIME-Version: 1.0
8d8641
Content-Type: text/plain; charset=UTF-8
8d8641
Content-Transfer-Encoding: 8bit
8d8641
8d8641
https://bugzilla.redhat.com/show_bug.cgi?id=1667329 (RHEL 7.6.z)
8d8641
https://bugzilla.redhat.com/show_bug.cgi?id=1652894 (RHEL 7.7)
8d8641
8d8641
The function is supposed to return up to 64bit long integer. In
8d8641
order to do that it calls virRandomBytes() to fill the integer
8d8641
with random bytes and then masks out everything but requested
8d8641
bits. However, when doing that it shifts 1U and not 1ULL. So
8d8641
effectively, requesting 32 random bis or more always return 0
8d8641
which is not random enough.
8d8641
8d8641
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
8d8641
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
8d8641
Reviewed-by: Pino Toscano <ptoscano@redhat.com>
8d8641
(cherry picked from commit 78c47a92ecb450c9f8bcabd35da7006dc2547882)
8d8641
Signed-off-by: John Ferlan <jferlan@redhat.com>
8d8641
Message-Id: <20190121140412.27804-2-jferlan@redhat.com>
8d8641
Reviewed-by: Erik Skultety <eskultet@redhat.com>
8d8641
---
8d8641
 src/util/virrandom.c | 2 +-
8d8641
 1 file changed, 1 insertion(+), 1 deletion(-)
8d8641
8d8641
diff --git a/src/util/virrandom.c b/src/util/virrandom.c
8d8641
index 01cc82a052..3c011a8615 100644
8d8641
--- a/src/util/virrandom.c
8d8641
+++ b/src/util/virrandom.c
8d8641
@@ -68,7 +68,7 @@ uint64_t virRandomBits(int nbits)
8d8641
         return 0;
8d8641
     }
8d8641
 
8d8641
-    ret &= (1U << nbits) - 1;
8d8641
+    ret &= (1ULL << nbits) - 1;
8d8641
     return ret;
8d8641
 }
8d8641
 
8d8641
-- 
8d8641
2.20.1
8d8641