Cypherpunks repositories - gostls13.git/commit

author	Roland Shoemaker <roland@golang.org>
	Tue, 26 Apr 2022 02:02:35 +0000 (19:02 -0700)
committer	Alex Rakoczy <alex@golang.org>
	Wed, 25 May 2022 19:26:12 +0000 (19:26 +0000)
commit	32dedaa69e22f1a058ae90b9484fd4c3b46fbcbf
tree	f19dfb22a37ca53644ecfc7886ad7e9ab84bf9bb	tree
parent	04337a6d10363a45ba5accfc8f323b01f9911295	commit \| diff

[release-branch.go1.18] [release-branch.go1.18 crypto/rand: properly handle large Read on windows

Use the batched reader to chunk large Read calls on windows to a max of
1 << 31 - 1 bytes. This prevents an infinite loop when trying to read
more than 1 << 32 -1 bytes, due to how RtlGenRandom works.

This change moves the batched function from rand_unix.go to rand.go,
since it is now needed for both windows and unix implementations.

Updates #52561
Fixes #52933
Fixes CVE-2022-30634

Change-Id: Id98fc4b1427e5cb2132762a445b2aed646a37473
Reviewed-on: https://go-review.googlesource.com/c/go/+/402257
Run-TryBot: Roland Shoemaker <roland@golang.org>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
Reviewed-by: Filippo Valsorda <valsorda@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
(cherry picked from commit bb1f4416180511231de6d17a1f2f55c82aafc863)
Reviewed-on: https://go-review.googlesource.com/c/go/+/406634
Reviewed-by: Damien Neil <dneil@google.com>

src/crypto/rand/rand.go		diff \| blob \| history
src/crypto/rand/rand_batched.go		diff \| blob \| history
src/crypto/rand/rand_batched_test.go		diff \| blob \| history
src/crypto/rand/rand_getentropy.go		diff \| blob \| history
src/crypto/rand/rand_unix.go		diff \| blob \| history
src/crypto/rand/rand_windows.go		diff \| blob \| history