Avoid race condition.

Submitted by: Travis Vitek <vitek@roguewave.com>

Avoid race condition.
Submitted by: Travis Vitek <vitek@roguewave.com>
badb910f · Bodo Möller · 3866752e · badb910f · badb910f
隐藏空白更改
内联并排

Showing with 7 addition and 4 deletion

CHANGES CHANGES +5 -0

crypto/rand/md_rand.c crypto/rand/md_rand.c +2 -4

未找到文件。
--- a/CHANGES
+++ b/CHANGES
@@ -12,6 +12,11 @@
         *) applies to 0.9.6a/0.9.6b and 0.9.7
         +) applies to 0.9.7 only

+  *) In crypto/rand/md_rand.c, set 'locking_thread' to current thread's ID
+     *before* setting the 'crypto_lock_rand' flag.  The previous code had
+     a race condition if 0 is a valid thread ID.
+     [Travis Vitek <vitek@roguewave.com>]
+
  +) Cleanup of EVP macros.
     [Ben Laurie]


--- a/crypto/rand/md_rand.c
+++ b/crypto/rand/md_rand.c
@@ -361,8 +361,8 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
 	CRYPTO_w_lock(CRYPTO_LOCK_RAND);

 	/* prevent ssleay_rand_bytes() from trying to obtain the lock again */
-	crypto_lock_rand = 1;
 	locking_thread = CRYPTO_thread_id();
+	crypto_lock_rand = 1;

 	if (!initialized)
 		{
@@ -435,7 +435,6 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)

 	/* before unlocking, we must clear 'crypto_lock_rand' */
 	crypto_lock_rand = 0;
-	locking_thread = 0;
 	CRYPTO_w_unlock(CRYPTO_LOCK_RAND);

 	while (num > 0)
@@ -528,8 +527,8 @@ static int ssleay_rand_status(void)
 		CRYPTO_w_lock(CRYPTO_LOCK_RAND);
 		
 		/* prevent ssleay_rand_bytes() from trying to obtain the lock again */
-		crypto_lock_rand = 1;
 		locking_thread = CRYPTO_thread_id();
+		crypto_lock_rand = 1;
 		}
 	
 	if (!initialized)
@@ -544,7 +543,6 @@ static int ssleay_rand_status(void)
 		{
 		/* before unlocking, we must clear 'crypto_lock_rand' */
 		crypto_lock_rand = 0;
-		locking_thread = 0;
 		
 		CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
 		}