From 4c5752d40f3854276a4643d834c0cdab8779d43c Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Tue, 5 Aug 2008 23:14:05 +0200 Subject: secrets: fix replacemend random seed generator (security issue). This is a regression introduced by the change to dbwrap. The replacement dbwrap_change_int32_atomic() does not correctly mimic the behaviour of tdb_change_int32_atomic(): The intended behaviour is to use *oldval as an initial value when the entry does not yet exist in the db and to return the old value in *oldval. The effect was that: 1. get_rand_seed() always returns sys_getpid() in *new_seed instead of the incremented seed from the secrets.tdb. 2. the seed stored in the tdb is always starting at 0 instead of sys_getpid() + 1 and incremented in subsequent calls. In principle this is a security issue, but i think the danger is low, since this is only used as a fallback when there is no useable /dev/urandom, and this is at most called on startup or via reinit_after_fork. Michael (This used to be commit bfc5d34a196f667276ce1e173821db478d01258b) --- source3/lib/dbwrap_util.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'source3') diff --git a/source3/lib/dbwrap_util.c b/source3/lib/dbwrap_util.c index 3bf312d0d0..7789f69223 100644 --- a/source3/lib/dbwrap_util.c +++ b/source3/lib/dbwrap_util.c @@ -150,9 +150,13 @@ int32 dbwrap_change_int32_atomic(struct db_context *db, const char *keystr, return -1; } - if ((rec->value.dptr != NULL) - && (rec->value.dsize == sizeof(val))) { + if (rec->value.dptr == NULL) { + val = *oldval; + } else if (rec->value.dsize == sizeof(val)) { val = IVAL(rec->value.dptr, 0); + *oldval = val; + } else { + return -1; } val += change_val; -- cgit