45 lines
1.5 KiB
Diff
45 lines
1.5 KiB
Diff
From f341ec3a1077c2d876ece271e5f58aa8d3ef795a Mon Sep 17 00:00:00 2001
|
|
Message-Id: <f341ec3a1077c2d876ece271e5f58aa8d3ef795a@dist-git>
|
|
From: Michal Privoznik <mprivozn@redhat.com>
|
|
Date: Mon, 3 Dec 2018 08:46:18 -0500
|
|
Subject: [PATCH] util: Don't overflow in virRandomBits
|
|
MIME-Version: 1.0
|
|
Content-Type: text/plain; charset=UTF-8
|
|
Content-Transfer-Encoding: 8bit
|
|
|
|
https://bugzilla.redhat.com/show_bug.cgi?id=1655586 [RHEL8]
|
|
https://bugzilla.redhat.com/show_bug.cgi?id=1652894 [RHEL7]
|
|
|
|
The function is supposed to return up to 64bit long integer. In
|
|
order to do that it calls virRandomBytes() to fill the integer
|
|
with random bytes and then masks out everything but requested
|
|
bits. However, when doing that it shifts 1U and not 1ULL. So
|
|
effectively, requesting 32 random bis or more always return 0
|
|
which is not random enough.
|
|
|
|
Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
|
|
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
|
|
Reviewed-by: Pino Toscano <ptoscano@redhat.com>
|
|
(cherry picked from commit 78c47a92ecb450c9f8bcabd35da7006dc2547882)
|
|
Signed-off-by: John Ferlan <jferlan@redhat.com>
|
|
---
|
|
src/util/virrandom.c | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/src/util/virrandom.c b/src/util/virrandom.c
|
|
index 01cc82a052..3c011a8615 100644
|
|
--- a/src/util/virrandom.c
|
|
+++ b/src/util/virrandom.c
|
|
@@ -68,7 +68,7 @@ uint64_t virRandomBits(int nbits)
|
|
return 0;
|
|
}
|
|
|
|
- ret &= (1U << nbits) - 1;
|
|
+ ret &= (1ULL << nbits) - 1;
|
|
return ret;
|
|
}
|
|
|
|
--
|
|
2.20.1
|
|
|