Closed
Description
Passing a buffer larger than 1<<32 - 1 to crypto/rand.Read hangs on Windows due to an infinite loop because of how batching works with RtlGenRandom. Since RtlGenRandom only supports reading at most 1<<32 - 1 bytes at a time, rngReader truncates the requested number of bytes to uint32(len(b)) (or len(b) % 1 << 32). After the first call, which will return len(b) % 1 << 32 bytes, the truncation will always result in 0, causing the infinite loop.
Since this requires such a large buffer, this has minimal impact, since it's incredibly unlikely anyone actually wants this much randomness (and there are no paths from the remotely reachable libraries where this can be realistically triggered.)
This is CVE-2022-30634.
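The batching arithmetic described above, as an added example that is not Go's own source or the actual fix: it models only the request sizes (no RtlGenRandom call, no multi-gigabyte allocation), so it runs on any platform. The names `truncatingRead`, `cappedRead`, `fill` and the call limit are assumptions made for this sketch; `cappedRead` shows one way to keep each request within the per-call maximum.

```go
package main

import "fmt"

// Per-call maximum that the issue states for RtlGenRandom.
const maxBatch = 1<<32 - 1

// truncatingRead models the flawed reader: the request size is
// uint32(remaining), and the source returns exactly that many bytes.
func truncatingRead(remaining uint64) uint64 { return uint64(uint32(remaining)) }

// cappedRead models a reader that never asks for more than maxBatch
// but always asks for at least one byte while data is still owed.
func cappedRead(remaining uint64) uint64 {
	if remaining > maxBatch {
		return maxBatch
	}
	return remaining
}

// fill simulates a caller looping until total bytes are delivered.
// It returns the number of read calls made and whether the buffer was
// filled within limit calls. The real loop has no limit and spins.
func fill(total uint64, read func(uint64) uint64, limit int) (calls int, ok bool) {
	for remaining := total; remaining > 0; calls++ {
		if calls == limit {
			return calls, false
		}
		remaining -= read(remaining)
	}
	return calls, true
}

func main() {
	// Constructed buffer lengths around the 1<<32 boundary.
	for _, total := range []uint64{100, 1<<32 - 1, 1 << 32, 1<<32 + 10} {
		tc, tok := fill(total, truncatingRead, 8)
		cc, cok := fill(total, cappedRead, 8)
		fmt.Printf("len=%d truncating: calls=%d done=%v | capped: calls=%d done=%v\n",
			total, tc, tok, cc, cok)
	}
}
```
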