git: f3ed4a38b520 - stable/12 - random(4): Fix a regression in short AES mode reads

From: David E. O'Brien <obrien_at_FreeBSD.org>
Date: Tue, 15 Feb 2022 02:09:26 UTC
The branch stable/12 has been updated by obrien:

URL: https://cgit.FreeBSD.org/src/commit/?id=f3ed4a38b5202a4414df8994b8a75d24245f0b9d

commit f3ed4a38b5202a4414df8994b8a75d24245f0b9d
Author:     Conrad Meyer <cem@FreeBSD.org>
AuthorDate: 2019-06-18 18:50:58 +0000
Commit:     David E. O'Brien <obrien@FreeBSD.org>
CommitDate: 2022-02-15 02:09:08 +0000

    random(4): Fix a regression in short AES mode reads
    
    In r349154, random device reads of size < 16 bytes (AES block size) were
    accidentally broken to loop forever.  Correct the loop condition for small
    reads.
    
    (cherry picked from commit 22eedc9722746206bf2f8b0c5fcdab58917c7bd5)
---
 sys/dev/random/fortuna.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sys/dev/random/fortuna.c b/sys/dev/random/fortuna.c
index f7f8a753c790..0e66ba3e97f6 100644
--- a/sys/dev/random/fortuna.c
+++ b/sys/dev/random/fortuna.c
@@ -489,7 +489,7 @@ random_fortuna_genbytes(uint8_t *buf, size_t bytecount,
 	if (!random_chachamode)
 		chunk_size = rounddown(chunk_size, RANDOM_BLOCKSIZE);
 
-	while (bytecount >= chunk_size) {
+	while (bytecount >= chunk_size && chunk_size > 0) {
 		randomdev_keystream(p_key, p_counter, buf, chunk_size);
 
 		buf += chunk_size;