Date: Tue, 17 Feb 2015 23:14:26 +0000 (UTC) From: John-Mark Gurney <jmg@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r278927 - head/sys/dev/random Message-ID: <201502172314.t1HNEQVs000251@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: jmg Date: Tue Feb 17 23:14:26 2015 New Revision: 278927 URL: https://svnweb.freebsd.org/changeset/base/278927 Log: Fix a bug where this function overflowed it's buffer... This was causing ZFS panics on boot... This is purely reviewed and tested by peter. Reviewed by: peter Approved by: so (implicit), peter Modified: head/sys/dev/random/yarrow.c Modified: head/sys/dev/random/yarrow.c ============================================================================== --- head/sys/dev/random/yarrow.c Tue Feb 17 23:13:45 2015 (r278926) +++ head/sys/dev/random/yarrow.c Tue Feb 17 23:14:26 2015 (r278927) @@ -432,6 +432,7 @@ reseed(u_int fastslow) void random_yarrow_read(uint8_t *buf, u_int bytecount) { + uint8_t tbuf[BLOCKSIZE]; u_int blockcount, i; /* Check for initial/final read requests */ @@ -448,8 +449,15 @@ random_yarrow_read(uint8_t *buf, u_int b yarrow_state.outputblocks = 0; } uint128_increment(&yarrow_state.counter.whole); - randomdev_encrypt(&yarrow_state.key, yarrow_state.counter.byte, buf, BLOCKSIZE); - buf += BLOCKSIZE; + if ((i + 1) * BLOCKSIZE > bytecount) { + randomdev_encrypt(&yarrow_state.key, + yarrow_state.counter.byte, tbuf, BLOCKSIZE); + memcpy(buf, tbuf, bytecount - i * BLOCKSIZE); + } else { + randomdev_encrypt(&yarrow_state.key, + yarrow_state.counter.byte, buf, BLOCKSIZE); + buf += BLOCKSIZE; + } } mtx_unlock(&random_reseed_mtx);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201502172314.t1HNEQVs000251>