Draft: Assert on _all_ failures from RAND_bytes(). (!386) · Merge requests · The Tor Project / Core / Tor

Nick Mathewson requested to merge nickm/tor:bug40390_035 into maint-0.3.5 May 17, 2021

Previously, we would detect errors from a missing RNG implementation, but not failures from the RNG code itself.

Fortunately, it appears those failures do not happen in practice when Tor is using OpenSSL's default RNG implementation. Fixes bug 40390; bugfix on 0.2.8.1-alpha. This issue is also tracked as TROVE-2021-004. Reported by Jann Horn at Google's Project Zero.

Draft: Assert on _all_ failures from RAND_bytes().

Merge request reports