From 60c9443a7b23b160cf0f9fdf96629ccf1d884adf Mon Sep 17 00:00:00 2001 From: Kim Alvefur Date: Sat, 18 May 2019 17:28:21 +0200 Subject: util.random: Handle unlikely read errors from /dev/urandom (see #1313) --- util/random.lua | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'util/random.lua') diff --git a/util/random.lua b/util/random.lua index d8a84514..8ae06b49 100644 --- a/util/random.lua +++ b/util/random.lua @@ -12,7 +12,11 @@ if ok then return crand; end local urandom, urandom_err = io.open("/dev/urandom", "r"); local function bytes(n) - return urandom:read(n); + local data, err = urandom:read(n); + if not data then + error("Unable to retrieve data from secure random number generator (/dev/urandom): "..err); + end + return data; end if not urandom then -- cgit v1.2.3 From c42ccf1bccbc1dc70975edf9a3b866f7d6ac2892 Mon Sep 17 00:00:00 2001 From: Kim Alvefur Date: Sat, 18 May 2019 18:51:25 +0200 Subject: util.random: Coerce error to string (thanks waqas) In theory this could happen in an EOF condition, which should be impossible with a read from /dev/urandom. --- util/random.lua | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'util/random.lua') diff --git a/util/random.lua b/util/random.lua index 8ae06b49..51f2747d 100644 --- a/util/random.lua +++ b/util/random.lua @@ -14,7 +14,7 @@ local urandom, urandom_err = io.open("/dev/urandom", "r"); local function bytes(n) local data, err = urandom:read(n); if not data then - error("Unable to retrieve data from secure random number generator (/dev/urandom): "..err); + error("Unable to retrieve data from secure random number generator (/dev/urandom): "..tostring(err)); end return data; end -- cgit v1.2.3 From a6e44a24a0afdfb34a74d15a98b3a1f05e54cf9a Mon Sep 17 00:00:00 2001 From: Kim Alvefur Date: Tue, 21 May 2019 08:52:21 +0200 Subject: util.random: Throw different error for EOL condition --- util/random.lua | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'util/random.lua') diff --git a/util/random.lua b/util/random.lua index 51f2747d..6782d7fa 100644 --- a/util/random.lua +++ b/util/random.lua @@ -14,7 +14,11 @@ local urandom, urandom_err = io.open("/dev/urandom", "r"); local function bytes(n) local data, err = urandom:read(n); if not data then - error("Unable to retrieve data from secure random number generator (/dev/urandom): "..tostring(err)); + if err then + error("Unable to retrieve data from secure random number generator (/dev/urandom): "..tostring(err)); + else + error("Secure random number generator (/dev/urandom) returned an end-of-file condition"); + end end return data; end -- cgit v1.2.3