Bug 1240589 - Import Chromium's upstream rand_util_win.cc to avoid rand_s() crash. r=jld

2024-11-24 05:11:16 +00:00 · 2016-01-14 00:53:52 -08:00 · 2016-01-14 00:53:52 -08:00 · 0af6cf57f0
commit 0af6cf57f0
parent c824bef9fe
2 changed files with 37 additions and 16 deletions
--- a/ipc/chromium/src/base/rand_util.h
+++ b/ipc/chromium/src/base/rand_util.h
@ -18,6 +18,13 @@ int RandInt(int min, int max);
 // Returns a random double in range [0, 1). Thread-safe.
 double RandDouble();

+// Fills |output_length| bytes of |output| with random data.
+//
+// WARNING:
+// Do not use for security-sensitive purposes.
+// See crypto/ for cryptographically secure random number generation APIs.
+void RandBytes(void* output, size_t output_length);
+
 }  // namespace base

 #endif // BASE_RAND_UTIL_H_
--- a/ipc/chromium/src/base/rand_util_win.cc
+++ b/ipc/chromium/src/base/rand_util_win.cc
@ -1,30 +1,44 @@
-// Copyright (c) 2008 The Chromium Authors. All rights reserved.
+// Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #include "base/rand_util.h"
+#include <windows.h>
+#include <stddef.h>
+#include <stdint.h>

-#include <stdlib.h>
+// #define needed to link in RtlGenRandom(), a.k.a. SystemFunction036.  See the
+// "Community Additions" comment on MSDN here:
+// http://msdn.microsoft.com/en-us/library/windows/desktop/aa387694.aspx
+#define SystemFunction036 NTAPI SystemFunction036
+#include <NTSecAPI.h>
+#undef SystemFunction036
+
+#include <algorithm>
+#include <limits>

-#include "base/basictypes.h"
 #include "base/logging.h"

-namespace {
-
-uint32_t RandUint32() {
-  uint32_t number;
-  CHECK(rand_s(&number) == 0);
-  return number;
-}
-
-}  // namespace
-
 namespace base {

+// NOTE: This function must be cryptographically secure. http://crbug.com/140076
 uint64_t RandUint64() {
-  uint32_t first_half = RandUint32();
-  uint32_t second_half = RandUint32();
-  return (static_cast<uint64_t>(first_half) << 32) + second_half;
+  uint64_t number;
+  RandBytes(&number, sizeof(number));
+  return number;
+}
+
+void RandBytes(void* output, size_t output_length) {
+  char* output_ptr = static_cast<char*>(output);
+  while (output_length > 0) {
+    const ULONG output_bytes_this_pass = static_cast<ULONG>(std::min(
+        output_length, static_cast<size_t>(std::numeric_limits<ULONG>::max())));
+    const bool success =
+        RtlGenRandom(output_ptr, output_bytes_this_pass) != FALSE;
+    CHECK(success);
+    output_length -= output_bytes_this_pass;
+    output_ptr += output_bytes_this_pass;
+  }
 }

 }  // namespace base