kotovalexarian-likes-github/ruby--ruby
1
0
Fork 0
mirror of https://github.com/ruby/ruby.git synced 2022-11-09 12:17:21 -05:00
Code Releases Activity

Ensure seed data to be cleared

Browse source 
To prevent from leaking the seed data.
This commit is contained in:
Nobuyoshi Nakada 2020-01-09 00:27:29 +09:00
parent 499de0a0f6
commit 0a67c21401
Notes: git 2020-01-10 10:29:17 +09:00 
Merged: https://github.com/ruby/ruby/pull/2826
1 changed files with 14 additions and 23 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

37
random.c
View file

@ -504,6 +504,10 @@ make_seed_value(uint32_t *ptr, size_t len)
return seed;
}
#define with_random_seed(size, add) \
for (uint32_t seedbuf[(size)+(add)], loop = (fill_random_seed(seedbuf, (size)), 1); \
loop; explicit_bzero(seedbuf, (size)*sizeof(seedbuf[0])), loop = 0)
/*
* call-seq: Random.new_seed -> integer
*
@ -516,10 +520,9 @@ static VALUE
random_seed(VALUE _)
{
VALUE v;
uint32_t buf[DEFAULT_SEED_CNT+1];
fill_random_seed(buf, DEFAULT_SEED_CNT);
v = make_seed_value(buf, DEFAULT_SEED_CNT);
explicit_bzero(buf, DEFAULT_SEED_LEN);
with_random_seed(DEFAULT_SEED_CNT, 1) {
v = make_seed_value(seedbuf, DEFAULT_SEED_CNT);
}
return v;
}
@ -1477,30 +1480,15 @@ Init_RandomSeedCore(void)
provide a hint that an attacker guess siphash's seed.
*/
struct MT mt;
uint32_t initial_seed[DEFAULT_SEED_CNT];
fill_random_seed(initial_seed, DEFAULT_SEED_CNT);
init_by_array(&mt, initial_seed, DEFAULT_SEED_CNT);
with_random_seed(DEFAULT_SEED_CNT, 0) {
init_by_array(&mt, seedbuf, DEFAULT_SEED_CNT);
}
init_hash_salt(&mt);
explicit_bzero(initial_seed, DEFAULT_SEED_LEN);
explicit_bzero(&mt, sizeof(mt));
}
static VALUE
init_randomseed(struct MT *mt)
{
uint32_t initial[DEFAULT_SEED_CNT+1];
VALUE seed;
fill_random_seed(initial, DEFAULT_SEED_CNT);
init_by_array(mt, initial, DEFAULT_SEED_CNT);
seed = make_seed_value(initial, DEFAULT_SEED_CNT);
explicit_bzero(initial, DEFAULT_SEED_LEN);
return seed;
}
/* construct Random::DEFAULT bits */
static VALUE
Init_Random_default(VALUE klass)
@ -1510,7 +1498,10 @@ Init_Random_default(VALUE klass)
VALUE v = TypedData_Wrap_Struct(klass, &random_mt_type, r);
rb_gc_register_mark_object(v);
r->seed = init_randomseed(mt);
with_random_seed(DEFAULT_SEED_CNT, 1) {
init_by_array(mt, seedbuf, DEFAULT_SEED_CNT);
r->seed = make_seed_value(seedbuf, DEFAULT_SEED_CNT);
}
return v;
}