From a4e128a9a9814618c4b63370e6215ba639b78011 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fabian=20Gr=C3=BCnbichler?= <f.gruenbichler@proxmox.com>
Date: Mon, 22 Jun 2020 12:03:01 +0200
Subject: [PATCH] gen_rand_chars: handle errors properly
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

should not really happen on modern systems, but random_bytes just
returns false if it fails to generate random bytes, in which case we
want to die instead of returning an empty 'random' string.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
---
 PVE/API2/Qemu.pm | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/PVE/API2/Qemu.pm b/PVE/API2/Qemu.pm
index dcb364d9..3965c269 100644
--- a/PVE/API2/Qemu.pm
+++ b/PVE/API2/Qemu.pm
@@ -1597,8 +1597,12 @@ my $gen_rand_chars = sub {
     die "invalid length $length" if $length < 1;
 
     my $min = ord('!'); # first printable ascii
-    my @rand_bytes = split '', Crypt::OpenSSL::Random::random_bytes($length);
-    my $str = join('', map { chr((ord($_) & 0x3F) + $min) } @rand_bytes);
+
+    my $rand_bytes = Crypt::OpenSSL::Random::random_bytes($length);
+    die "failed to generate random bytes!\n"
+      if !$rand_bytes;
+
+    my $str = join('', map { chr((ord($_) & 0x3F) + $min) } split('', $rand_bytes));
 
     return $str;
 };