octoleo/qpdf
2
1
Fork 0
mirror of https://github.com/qpdf/qpdf.git synced 2025-01-02 22:50:20 +00:00
Code Issues Releases Wiki Activity

Move random number device check to runtime (fixes #1022)

Browse Source 
Having it at compile time breaks cross-compilation and isn't really
right anyway.
This commit is contained in:
Jay Berkenbilt 2023-09-03 09:35:28 -04:00
parent 2b4dcb33aa
commit 87765bace9
4 changed files with 23 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
ChangeLog
View File

@ -1,3 +1,10 @@
2023-09-03 Jay Berkenbilt <ejb@ql.org>
* Move check for random number device to runtime instead of
compile time. Since, by default, the crypto provider provides
random numbers, runtime determinination of a random number device
is usually not needed. Fixes #1022.
2023-09-02 Jay Berkenbilt <ejb@ql.org> 2023-09-02 Jay Berkenbilt <ejb@ql.org>
* Bug fix from M. Holger: allow fix-qdf to read from pipe. Fixes #1010. * Bug fix from M. Holger: allow fix-qdf to read from pipe. Fixes #1010.

2
libqpdf/CMakeLists.txt
View File

@ -320,8 +320,6 @@ check_symbol_exists(fseeko "stdio.h" HAVE_FSEEKO)
check_symbol_exists(fseeko64 "stdio.h" HAVE_FSEEKO64) check_symbol_exists(fseeko64 "stdio.h" HAVE_FSEEKO64)
check_symbol_exists(localtime_r "time.h" HAVE_LOCALTIME_R) check_symbol_exists(localtime_r "time.h" HAVE_LOCALTIME_R)
check_symbol_exists(random "stdlib.h" HAVE_RANDOM) check_symbol_exists(random "stdlib.h" HAVE_RANDOM)
find_file(RANDOM_DEVICE
"urandom" "arandom" "arandom" PATHS "/dev" NO_DEFAULT_PATH)
check_c_source_compiles( check_c_source_compiles(
"#include <time.h> "#include <time.h>

29
libqpdf/SecureRandomDataProvider.cc
View File

@ -87,24 +87,27 @@ SecureRandomDataProvider::provideRandomData(unsigned char* data, size_t len)
throw std::runtime_error("unable to generate secure random data"); throw std::runtime_error("unable to generate secure random data");
} }
# elif defined(RANDOM_DEVICE) # else
static std::unique_ptr<QUtil::FileCloser> random_device = []() {
FILE* f = fopen("/dev/urandom", "rb");
if (f == nullptr) {
f = fopen("/dev/arandom", "rb");
}
if (f == nullptr) {
f = fopen("/dev/random", "rb");
}
if (f == nullptr) {
throw std::runtime_error("unable to find device in /dev for generating random numbers");
}
return std::make_unique<QUtil::FileCloser>(f);
}();
// Optimization: wrap the file open and close in a class so that the file is closed in a size_t fr = fread(data, 1, len, random_device->f);
// destructor, then make this static to keep the file handle open. Only do this if it can be
// done in a thread-safe fashion.
FILE* f = QUtil::safe_fopen(RANDOM_DEVICE, "rb");
size_t fr = fread(data, 1, len, f);
fclose(f);
if (fr != len) { if (fr != len) {
throw std::runtime_error( throw std::runtime_error(
"unable to read " + std::to_string(len) + " bytes from " + std::string(RANDOM_DEVICE)); "unable to read " + std::to_string(len) + " bytes from random number device");
} }
# else
# error \
"Don't know how to generate secure random numbers on this platform. See random number generation in the top-level README.md"
# endif # endif
} }

3
libqpdf/qpdf/qpdf-config.h.in
View File

@ -24,8 +24,5 @@
#cmakedefine HAVE_MALLOC_INFO 1 #cmakedefine HAVE_MALLOC_INFO 1
#cmakedefine HAVE_OPEN_MEMSTREAM 1 #cmakedefine HAVE_OPEN_MEMSTREAM 1
/* system random device (e.g. /dev/random) if any */
#cmakedefine RANDOM_DEVICE "${RANDOM_DEVICE}"
/* bytes in the size_t type */ /* bytes in the size_t type */
#cmakedefine SIZEOF_SIZE_T ${SIZEOF_SIZE_T} #cmakedefine SIZEOF_SIZE_T ${SIZEOF_SIZE_T}