diff options
| author | Olivier Certner <olce.palemoon@certner.fr> | 2021-01-06 11:43:12 +0100 |
|---|---|---|
| committer | Olivier Certner <olce.palemoon@certner.fr> | 2021-01-07 17:02:06 +0100 |
| commit | da217348d9e7fe1e22df725c3b48a149e7dd9f54 (patch) | |
| tree | a17aa66730be207244e5f5ae919ece7bd976da52 /ipc | |
| parent | 87aa6b2300e8a1b4730ca4fb8c2c979f255a395f (diff) | |
| download | UXP-da217348d9e7fe1e22df725c3b48a149e7dd9f54.tar UXP-da217348d9e7fe1e22df725c3b48a149e7dd9f54.tar.gz UXP-da217348d9e7fe1e22df725c3b48a149e7dd9f54.tar.lz UXP-da217348d9e7fe1e22df725c3b48a149e7dd9f54.tar.xz UXP-da217348d9e7fe1e22df725c3b48a149e7dd9f54.zip | |
Issue #1699 - Part 2: libevent: Remove 'evutil_secure_rng_add_bytes'
In fact, this is a security threat.
This function calls 'arc4random_addrandom', which was removed from the
reference implementation 7 years go [1], on the ground that this was in fact an
internal interface which is almost impossible to use correctly. This update has
since then been propagated to other implementations (e.g., FreeBSD, IllumOS,
Android).
Do this for all platforms, since 'evutil_secure_rng_add_bytes' is not even used
in the current tree, and for the reason stated above, should never be.
Related bugs at Mozilla and libevent: Links [2] and [3] below.
[1] http://marc.info/?l=openbsd-cvs&m=138238762705209&w=2
[2] https://bugzilla.mozilla.org/show_bug.cgi?id=931354
[3] https://sourceforge.net/p/levent/bugs/320/
Diffstat (limited to 'ipc')
| -rw-r--r-- | ipc/chromium/src/third_party/libevent/evutil_rand.c | 9 | ||||
| -rw-r--r-- | ipc/chromium/src/third_party/libevent/include/event2/util.h | 18 |
2 files changed, 0 insertions, 27 deletions
diff --git a/ipc/chromium/src/third_party/libevent/evutil_rand.c b/ipc/chromium/src/third_party/libevent/evutil_rand.c index 7c92bae23..3f5c05b34 100644 --- a/ipc/chromium/src/third_party/libevent/evutil_rand.c +++ b/ipc/chromium/src/third_party/libevent/evutil_rand.c @@ -138,12 +138,3 @@ evutil_secure_rng_get_bytes(void *buf, size_t n) { ev_arc4random_buf(buf, n); } - -#if !defined(__OpenBSD__) && !defined(ANDROID) && !defined(__sun__) -void -evutil_secure_rng_add_bytes(const char *buf, size_t n) -{ - arc4random_addrandom((unsigned char*)buf, - n>(size_t)INT_MAX ? INT_MAX : (int)n); -} -#endif diff --git a/ipc/chromium/src/third_party/libevent/include/event2/util.h b/ipc/chromium/src/third_party/libevent/include/event2/util.h index 78516c156..0f9212af1 100644 --- a/ipc/chromium/src/third_party/libevent/include/event2/util.h +++ b/ipc/chromium/src/third_party/libevent/include/event2/util.h @@ -672,24 +672,6 @@ void evutil_secure_rng_get_bytes(void *buf, size_t n); */ int evutil_secure_rng_init(void); -#if !defined(__OpenBSD__) && !defined(ANDROID) && !defined(__sun__) -/** Seed the random number generator with extra random bytes. - - You should almost never need to call this function; it should be - sufficient to invoke evutil_secure_rng_init(), or let Libevent take - care of calling evutil_secure_rng_init() on its own. - - If you call this function as a _replacement_ for the regular - entropy sources, then you need to be sure that your input - contains a fairly large amount of strong entropy. Doing so is - notoriously hard: most people who try get it wrong. Watch out! - - @param dat a buffer full of a strong source of random numbers - @param datlen the number of bytes to read from datlen - */ -void evutil_secure_rng_add_bytes(const char *dat, size_t datlen); -#endif - #ifdef __cplusplus } #endif |