Kezhu Wang created ZOOKEEPER-4848:
-------------------------------------
Summary: Possible stack overflow in setup_random
Key: ZOOKEEPER-4848
URL: https://issues.apache.org/jira/browse/ZOOKEEPER-4848
Project: ZooKeeper
Issue Type: Bug
Components: c client
Affects Versions: 3.9.2, 3.8.4
Reporter: Kezhu Wang
Created for https://github.com/apache/zookeeper/pull/2097.
{code:c}
        int seed_len = 0;

        /* Enter a loop to fill in seed with random data from /dev/urandom.
         * This is done in a loop so that we can safely handle short reads
         * which can happen due to signal interruptions.
         */
        while (seed_len < sizeof(seed)) {
            /* Assert we either read something or we were interrupted due to a
             * signal (errno == EINTR) in which case we need to retry.
             */
            int rc = read(fd, &seed + seed_len, sizeof(seed) - seed_len);
            assert(rc > 0 || errno == EINTR);
            if (rc > 0) {
                seed_len += rc;
            }
        }
{code}
The above code will overflow {{seed}} in case of a short read.
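An added illustration, not part of the report or of ZooKeeper's code: `&seed + seed_len` advances in units of `sizeof(seed)`, so after a short read the next write lands past the variable, while a byte pointer keeps every write inside it. The names `seed_t`, `short_src`, `short_read`, `write_end` and `fill_seed` are hypothetical, and `unsigned int` is an assumed type for `seed`, whose declaration the report does not show.

```c
#include <errno.h>
#include <string.h>
#include <sys/types.h>

typedef unsigned int seed_t;  /* assumed type; the report omits seed's declaration */

/* Constructed stand-in for read(2) on /dev/urandom: returns at most `chunk`
 * bytes per call, the way an interrupted read can come back short. */
struct short_src { const unsigned char *data; size_t len, pos, chunk; };

static ssize_t short_read(struct short_src *s, void *buf, size_t n)
{
    if (n > s->chunk) n = s->chunk;
    if (n > s->len - s->pos) n = s->len - s->pos;
    memcpy(buf, s->data + s->pos, n);
    s->pos += n;
    return (ssize_t)n;
}

/* One past the last byte (relative to the start of seed) that the next read
 * may write once `seed_len` bytes have arrived. `&seed + seed_len` steps in
 * units of sizeof(seed); a byte pointer steps in units of 1. */
static size_t write_end(size_t seed_len, int byte_pointer)
{
    size_t offset = byte_pointer ? seed_len : seed_len * sizeof(seed_t);
    return offset + (sizeof(seed_t) - seed_len);
}

/* Loop with byte-granular pointer arithmetic. EOF or a non-EINTR error is
 * returned as -1 (a choice made for this example). Returns 0 on success. */
static int fill_seed(struct short_src *s, seed_t *seed)
{
    unsigned char *p = (unsigned char *)seed;
    size_t seed_len = 0;
    while (seed_len < sizeof(*seed)) {
        ssize_t rc = short_read(s, p + seed_len, sizeof(*seed) - seed_len);
        if (rc > 0) seed_len += (size_t)rc;
        else if (rc == 0 || errno != EINTR) return -1;
    }
    return 0;
}

int main(void)
{
    unsigned char sample[sizeof(seed_t)];              /* constructed input */
    struct short_src src = { sample, sizeof sample, 0, 1 };
    seed_t seed = 0;
    memset(sample, 0xA5, sizeof sample);
    return fill_seed(&src, &seed) != 0 || memcmp(&seed, sample, sizeof seed) != 0;
}
```

`write_end(1, 0)` gives the extent of the second write under the original expression after a one-byte first read; `write_end(1, 1)` gives it with a byte pointer.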