From 50f05bfa15622e10f58511e8b0b8dadfe670e12f Mon Sep 17 00:00:00 2001
From: Jan Friesse <jfriesse@redhat.com>
Date: Mon, 30 May 2011 16:55:45 +0200
Subject: [PATCH] crypto: rng_make_prng prevent buf overflow

with bits set to 1023, buf of 256 bytes was filled by rng_get_bytes
up to 257 bytes. Buf is now 258 bytes so it's no longer problem.

Signed-off-by: Jan Friesse <jfriesse@redhat.com>
Reviewed-by: Steven Dake <sdake@redhat.com>
---
 exec/crypto.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/exec/crypto.c b/exec/crypto.c
index e21aa16c..901797a1 100644
--- a/exec/crypto.c
+++ b/exec/crypto.c
@@ -1314,7 +1314,7 @@ unsigned long rng_get_bytes(unsigned char *buf, unsigned long len,
 int rng_make_prng(int bits, int wprng, prng_state *prng,
                   void (*callback)(void))
 {
-   unsigned char buf[256];
+   unsigned char buf[258];
    int err;
 
    if (bits < 64 || bits > 1024) {