aboutsummaryrefslogtreecommitdiff
path: root/lib/std/start.zig
diff options
context:
space:
mode:
authorAndrew Kelley <andrew@ziglang.org>2020-12-17 20:35:29 -0700
committerAndrew Kelley <andrew@ziglang.org>2020-12-18 12:22:46 -0700
commit4dcd1e60597c5bd79eab29f49717a13b1b144c8b (patch)
tree18c57ca713dbf69b4d4a3b60bf0519fa5eb9f341 /lib/std/start.zig
parent013efaf13987acfa6b41d40f07900c1ea77f5bda (diff)
downloadzig-4dcd1e60597c5bd79eab29f49717a13b1b144c8b.tar.gz
zig-4dcd1e60597c5bd79eab29f49717a13b1b144c8b.zip
start code: overwrite AT_RANDOM after we use it
Diffstat (limited to 'lib/std/start.zig')
-rw-r--r--lib/std/start.zig8
1 files changed, 7 insertions, 1 deletions
diff --git a/lib/std/start.zig b/lib/std/start.zig
index b6fb7e4dfd..6249a6e1ac 100644
--- a/lib/std/start.zig
+++ b/lib/std/start.zig
@@ -226,11 +226,17 @@ fn posixCallMainAndExit() noreturn {
// "The address of sixteen bytes containing a random value."
const addr = auxv[i].a_un.a_val;
if (addr == 0) break;
- const ptr = @intToPtr(*const [16]u8, addr);
+ const ptr = @intToPtr(*[16]u8, addr);
var seed: [32]u8 = undefined;
seed[0..16].* = ptr.*;
seed[16..].* = ptr.*;
tlcsprng.init(seed);
+ // Overwrite AT_RANDOM after we use it, otherwise our secure
+ // seed is sitting in memory ready for some other code in the
+ // program to reuse, and hence break our security.
+ // We play nice by refreshing it with fresh random bytes
+ // rather than clearing it.
+ std.crypto.random.bytes(ptr);
break;
},
else => continue,
generated by cgit v1.2.3 (git 2.39.1) at 2025-12-28 01:55:51 +0000