Kezhu Wang created ZOOKEEPER-4848:
-------------------------------------

             Summary: Possible stack overflow in setup_random
                 Key: ZOOKEEPER-4848
                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-4848
             Project: ZooKeeper
          Issue Type: Bug
          Components: c client
    Affects Versions: 3.9.2, 3.8.4
            Reporter: Kezhu Wang

Created for https://github.com/apache/zookeeper/pull/2097.

{code:c}
int seed_len = 0;

/* Enter a loop to fill in seed with random data from /dev/urandom.
 * This is done in a loop so that we can safely handle short reads
 * which can happen due to signal interruptions.
 */
while (seed_len < sizeof(seed)) {
    /* Assert we either read something or we were interrupted due to a
     * signal (errno == EINTR) in which case we need to retry.
     */
    int rc = read(fd, &seed + seed_len, sizeof(seed) - seed_len);
    assert(rc > 0 || errno == EINTR);
    if (rc > 0) {
        seed_len += rc;
    }
}
{code}

Above code will overflow {{seed}} in case of a short read.

--
This message was sent by Atlassian Jira
(v8.20.10#820010)
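
Added example, not part of the original report or the ZooKeeper source: `&seed + seed_len` advances in units of `sizeof(seed)`, so after the first short read the destination is already past the object. The sketch below replays the loop over a guarded struct and counts the out-of-bounds bytes, next to the byte-pointer form `(char *)&seed + seed_len`. The `seed_t` type, `short_read`, `struct box` and `fill` are assumptions made for the illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

typedef unsigned int seed_t;   /* assumed type; the report does not show seed's declaration */
#define SEED_SZ sizeof(seed_t)

/* Constructed stand-in for read(2) on /dev/urandom: it never returns more
 * than one byte per call, so every read is a short read. */
static long short_read(void *buf, size_t n) {
    if (n == 0) return 0;
    *(unsigned char *)buf = 0xAB;
    return 1;
}

/* seed followed by guard bytes, so the stray writes of the quoted loop land
 * in memory this program owns and can be counted. */
struct box { seed_t seed; unsigned char guard[SEED_SZ * SEED_SZ]; };

/* Fill loop. scale == SEED_SZ reproduces `&seed + seed_len` (arithmetic in
 * units of sizeof(seed)); scale == 1 is `(char *)&seed + seed_len`.
 * Returns the number of guard bytes that were overwritten. */
static size_t fill(struct box *b, size_t scale) {
    size_t seed_len = 0, hit = 0, i;
    memset(b, 0, sizeof *b);
    while (seed_len < SEED_SZ) {
        unsigned char *dst = (unsigned char *)b + seed_len * scale;
        long rc = short_read(dst, SEED_SZ - seed_len);
        if (rc > 0) seed_len += (size_t)rc;
    }
    for (i = 0; i < sizeof b->guard; i++) hit += (b->guard[i] != 0);
    return hit;
}

size_t overflow_quoted(void) { struct box b; return fill(&b, SEED_SZ); }
size_t overflow_fixed(void)  { struct box b; return fill(&b, 1); }

/* With byte-granular offsets, every byte of seed ends up filled. */
int fixed_seed_complete(void) {
    struct box b; seed_t want;
    fill(&b, 1);
    memset(&want, 0xAB, SEED_SZ);
    return b.seed == want;
}

int main(void) {
    printf("guard bytes overwritten: quoted=%zu fixed=%zu\n",
           overflow_quoted(), overflow_fixed());
    return 0;
}
```

With one-byte reads, the quoted arithmetic places every byte after the first outside `seed`, while the byte-pointer form stays inside it.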