util: Don't overflow in virRandomBits

The function is supposed to return up to 64bit long integer. In order to do that it calls virRandomBytes() to fill the integer with random bytes and then masks out everything but requested bits. However, when doing that it shifts 1U and not 1ULL. So effectively, requesting 32 random bis or more always return 0 which is not random enough. Signed-off-by: N Michal Privoznik <mprivozn@redhat.com> Reviewed-by: N Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: N Pino Toscano <ptoscano@redhat.com>

util: Don't overflow in virRandomBits
The function is supposed to return up to 64bit long integer. In order to do that it calls virRandomBytes() to fill the integer with random bytes and then masks out everything but requested bits. However, when doing that it shifts 1U and not 1ULL. So effectively, requesting 32 random bis or more always return 0 which is not random enough. Signed-off-by: N Michal Privoznik <mprivozn@redhat.com> Reviewed-by: N Daniel P. Berrangé <berrange@redhat.com> Reviewed-by: N Pino Toscano <ptoscano@redhat.com>
78c47a92 · Michal Privoznik · 3251fc9c · 78c47a92
隐藏空白更改
内联并排

Showing with 1 addition and 1 deletion

src/util/virrandom.c src/util/virrandom.c +1 -1

未找到文件。
--- a/src/util/virrandom.c
+++ b/src/util/virrandom.c
@@ -68,7 +68,7 @@ uint64_t virRandomBits(int nbits)
        return 0;
    }

-    ret &= (1U << nbits) - 1;
+    ret &= (1ULL << nbits) - 1;
    return ret;
 }