commit 4dcd1e60597c5bd79eab29f49717a13b1b144c8b (tree)
parent 013efaf13987acfa6b41d40f07900c1ea77f5bda
Author: Andrew Kelley <andrew@ziglang.org>
Date: Thu, 17 Dec 2020 20:35:29 -0700
start code: overwrite AT_RANDOM after we use it
Diffstat:
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/lib/std/start.zig b/lib/std/start.zig
@@ -226,11 +226,17 @@ fn posixCallMainAndExit() noreturn {
// "The address of sixteen bytes containing a random value."
const addr = auxv[i].a_un.a_val;
if (addr == 0) break;
- const ptr = @intToPtr(*const [16]u8, addr);
+ const ptr = @intToPtr(*[16]u8, addr);
var seed: [32]u8 = undefined;
seed[0..16].* = ptr.*;
seed[16..].* = ptr.*;
tlcsprng.init(seed);
+ // Overwrite AT_RANDOM after we use it, otherwise our secure
+ // seed is sitting in memory ready for some other code in the
+ // program to reuse, and hence break our security.
+ // We play nice by refreshing it with fresh random bytes
+ // rather than clearing it.
+ std.crypto.random.bytes(ptr);
break;
},
else => continue,