Avoid race condition.
authorBodo Möller <bodo@openssl.org>
Tue, 24 Jul 2001 12:31:14 +0000 (12:31 +0000)
committerBodo Möller <bodo@openssl.org>
Tue, 24 Jul 2001 12:31:14 +0000 (12:31 +0000)
Submitted by: Travis Vitek <vitek@roguewave.com>

CHANGES
crypto/rand/md_rand.c

diff --git a/CHANGES b/CHANGES
index e4c1778..5137037 100644 (file)
--- a/CHANGES
+++ b/CHANGES
          *) applies to 0.9.6a/0.9.6b and 0.9.7
          +) applies to 0.9.7 only
 
+  *) In crypto/rand/md_rand.c, set 'locking_thread' to current thread's ID
+     *before* setting the 'crypto_lock_rand' flag.  The previous code had
+     a race condition if 0 is a valid thread ID.
+     [Travis Vitek <vitek@roguewave.com>]
+
   +) Cleanup of EVP macros.
      [Ben Laurie]
 
index 9fc98eb..2a56ace 100644 (file)
@@ -361,8 +361,8 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
        CRYPTO_w_lock(CRYPTO_LOCK_RAND);
 
        /* prevent ssleay_rand_bytes() from trying to obtain the lock again */
-       crypto_lock_rand = 1;
        locking_thread = CRYPTO_thread_id();
+       crypto_lock_rand = 1;
 
        if (!initialized)
                {
@@ -435,7 +435,6 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
 
        /* before unlocking, we must clear 'crypto_lock_rand' */
        crypto_lock_rand = 0;
-       locking_thread = 0;
        CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
 
        while (num > 0)
@@ -528,8 +527,8 @@ static int ssleay_rand_status(void)
                CRYPTO_w_lock(CRYPTO_LOCK_RAND);
                
                /* prevent ssleay_rand_bytes() from trying to obtain the lock again */
-               crypto_lock_rand = 1;
                locking_thread = CRYPTO_thread_id();
+               crypto_lock_rand = 1;
                }
        
        if (!initialized)
@@ -544,7 +543,6 @@ static int ssleay_rand_status(void)
                {
                /* before unlocking, we must clear 'crypto_lock_rand' */
                crypto_lock_rand = 0;
-               locking_thread = 0;
                
                CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
                }