upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-06-09 00:32:25 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

kern: zero out stack buffer after copying out random bits

Browse source 
The kern.arandom sysctl handler uses an intermediate buffer on the stack
to hold random data that it subsequently copies out to the sysctl
request.  Err on the side of caution and zero out the stack buffer after
we're done with it to avoid a potential entropy leak later on.

Reviewed by:	cem, emaste, markj
MFC after:	3 days
Differential Revision:	https://reviews.freebsd.org/D45978
This commit is contained in:
Kyle Evans 2024-07-15 15:17:47 -05:00
parent 9cc06bf7aa
commit 5862c891bb
1 changed files with 5 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
sys/kern/kern_mib.c
View file

@ -182,10 +182,14 @@ sysctl_kern_arnd(SYSCTL_HANDLER_ARGS)
{
char buf[256];
size_t len;
int error;
len = MIN(req->oldlen, sizeof(buf));
read_random(buf, len);
return (SYSCTL_OUT(req, buf, len));
error = SYSCTL_OUT(req, buf, len);
explicit_bzero(buf, len);
return (error);
}
SYSCTL_PROC(_kern, KERN_ARND, arandom,