Fix detection of getrandom()
diff --git a/ChangeLog b/ChangeLog
index b0841ba..19382bc 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -28,6 +28,8 @@
errors on use of deprecated functions.
Bugfix
+ * Fix detection of support for getrandom() on Linux (reported by syzzer) by
+ doing it at runtime (using uname) rather that compile time.
* Fix handling of symlinks by "make install" (found by Gaël PORTAY).
* Fix potential NULL pointer dereference (not trigerrable remotely) when
ssl_write() is called before the handshake is finished (introduced in
diff --git a/library/entropy_poll.c b/library/entropy_poll.c
index 61eb3e7..e0f9ae2 100644
--- a/library/entropy_poll.c
+++ b/library/entropy_poll.c
@@ -86,27 +86,46 @@
{
return( syscall( SYS_getrandom, buf, buflen, flags ) );
}
-#endif /* SYS_getrandom */
-#endif /* __linux__ */
-#if defined(HAVE_GETRANDOM)
-
-#include <errno.h>
-
-int platform_entropy_poll( void *data,
- unsigned char *output, size_t len, size_t *olen )
+#include <sys/utsname.h>
+/* Check if version is at least 3.17.0 */
+static int check_version_3_17_plus( void )
{
- int ret;
- ((void) data);
+ int minor;
+ struct utsname un;
+ const char *ver;
- if( ( ret = getrandom_wrapper( output, len, 0 ) ) < 0 )
- return( POLARSSL_ERR_ENTROPY_SOURCE_FAILED );
+ /* Get version information */
+ uname(&un);
+ ver = un.release;
- *olen = ret;
+ /* Check major version; assume a single digit */
+ if( ver[0] < '3' || ver[0] > '9' || ver [1] != '.' )
+ return( -1 );
+
+ if( ver[0] - '0' > 3 )
+ return( 0 );
+
+ /* Ok, so now we know major == 3, check minor.
+ * Assume 1 or 2 digits. */
+ if( ver[2] < '0' || ver[2] > '9' )
+ return( -1 );
+
+ minor = ver[2] - '0';
+
+ if( ver[3] >= '0' && ver[3] <= '9' )
+ minor = 10 * minor + ver[3] - '0';
+ else if( ver [3] != '.' )
+ return( -1 );
+
+ if( minor < 17 )
+ return( -1 );
+
return( 0 );
}
-
-#else /* HAVE_GETRANDOM */
+static int has_getrandom = -1;
+#endif /* SYS_getrandom */
+#endif /* __linux__ */
#include <stdio.h>
@@ -117,6 +136,22 @@
size_t ret;
((void) data);
+#if defined(HAVE_GETRANDOM)
+ if( has_getrandom == -1 )
+ has_getrandom = ( check_version_3_17_plus() == 0 );
+
+ if( has_getrandom )
+ {
+ int ret;
+
+ if( ( ret = getrandom_wrapper( output, len, 0 ) ) < 0 )
+ return( POLARSSL_ERR_ENTROPY_SOURCE_FAILED );
+
+ *olen = ret;
+ return( 0 );
+ }
+#endif /* HAVE_GETRANDOM */
+
*olen = 0;
file = fopen( "/dev/urandom", "rb" );
@@ -135,7 +170,6 @@
return( 0 );
}
-#endif /* HAVE_GETRANDOM */
#endif /* _WIN32 && !EFIX64 && !EFI32 */
#endif /* !POLARSSL_NO_PLATFORM_ENTROPY */
