Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

unittest_crypto: Don't exceed limit for getentropy #18505

Merged
merged 1 commit into from Oct 25, 2017
Merged

unittest_crypto: Don't exceed limit for getentropy #18505

merged 1 commit into from Oct 25, 2017

Conversation

badone
Copy link
Contributor

@badone badone commented Oct 24, 2017

CryptoRandom::get_bytes calls getentropy directly if available and it
enforces a limit of 256 bytes.

Signed-off-by: Brad Hubbard bhubbard@redhat.com

@badone
unittest_crypto: Don't exceed limit for getentropy
2e3af69 
CryptoRandom::get_bytes calls getentropy directly if available and it
enforces a limit of 256 bytes.

Signed-off-by: Brad Hubbard <bhubbard@redhat.com>
@badone badone requested a review from cbodley October 24, 2017 04:37
@badone
Copy link
Contributor Author

badone commented Oct 24, 2017
edited

Thread 1 "unittest_crypto" hit Breakpoint 1, getentropy (
buffer=buffer@entry=0x5555558c7ea0, length=length@entry=16)
at ../sysdeps/unix/sysv/linux/getentropy.c:32
32 if (length > 256)
(gdb) l
27 int
28 getentropy (void buffer, size_t length)
29 {
30 / The interface is documented to return EIO for buffer lengths
31 longer than 256 bytes. */
32 if (length > 256)
33 {
34 __set_errno (EIO);
35 return -1;
36 }

@cbodley
Copy link
Contributor

cbodley commented Oct 24, 2017
edited

thanks @badone. do you or @tchaikov have suggestions for how to better document/enforce this limitation? currently it's just this comment in CryptoRandom:

  /// copy up to 256 random bytes into the given buffer. throws on failure
  void get_bytes(char *buf, int len);

edit: i suppose this value should be exposed by the interface, so callers can loop over 256-byte chunks if they need to

@badone
Copy link
Contributor Author

badone commented Oct 24, 2017

@cbodley I'll look into how we can enforce this at compile time in a different PR, thanks.

@badone badone merged commit 7e6e87e into ceph:master Oct 25, 2017
@badone badone deleted the wip-unittest-crypto-getentropy-limit branch October 25, 2017 00:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tchaikov tchaikov tchaikov approved these changes

@cbodley cbodley cbodley approved these changes

Assignees
No one assigned
Labels
bug-fix tests
Projects
None yet
Milestone
No milestone
3 participants
@badone @cbodley @tchaikov