CVSROOT: /cvs
Module name: src
Changes by: dera...@cvs.openbsd.org 2019/03/24 11:56:55
Modified files:
lib/libc/crypt : arc4random.c
Log message:
In the incredibly unbelievable circumstance where _rs_init() fails to
allocate pages, don't call abort() because of corefile data leakage
concerns, but simply _exit(). The reasoning is _rs_init() will only
fail if someone finds a way to apply specific pressure against this
failure point, for the purpose of leaking information into a core which
they can read. We don't need a corefile in this instance to debug that.
So take this "lever" away from whoever in the future wants to do that.
