Owen's just pointed out that random_stir() is capable of recursion.

I'm sure I didn't mean that to happen! Added a lock to stop it.

[originally from svn r5166]

diff --git a/sshrand.c b/sshrand.c
index 43b81234240f8d9e7ca37d51c5e89276a1bbf7ca..26fcfe5245200ac9bd7cd48a04373b855bd5e0f5 100644 (file)
--- a/sshrand.c
+++ b/sshrand.c
@@ -40,6 +40,8 @@ struct RandPool {
 
     unsigned char incomingb[HASHINPUT];
     int incomingpos;
+
+    int stir_pending;
 };
 
 static struct RandPool pool;
@@ -52,6 +54,14 @@ static void random_stir(void)
     word32 digest[HASHSIZE / sizeof(word32)];
     int i, j, k;
 
+    /*
+     * noise_get_light will call random_add_noise, which may call
+     * back to here. Prevent recursive stirs.
+     */
+    if (pool.stir_pending)
+       return;
+    pool.stir_pending = TRUE;
+
     noise_get_light(random_add_noise);
 
     SHATransform((word32 *) pool.incoming, (word32 *) pool.incomingb);
@@ -115,6 +125,8 @@ static void random_stir(void)
     memcpy(pool.incoming, digest, sizeof(digest));
 
     pool.poolpos = sizeof(pool.incoming);
+
+    pool.stir_pending = FALSE;
 }
 
 void random_add_noise(void *noise, int length)