From c01152d35ab06139307f793abbc65d77c720016d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tobias=20Frauenschl=C3=A4ger?=
Date: Mon, 8 Jun 2026 08:19:13 +0200
Subject: [PATCH] Minor fix in liboqs GetRandomData Fixes F-4443
---
 wolfcrypt/src/port/liboqs/liboqs.c | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)
diff --git a/wolfcrypt/src/port/liboqs/liboqs.c b/wolfcrypt/src/port/liboqs/liboqs.c
index 826d1b3cd9..220f704c9e 100644
--- a/wolfcrypt/src/port/liboqs/liboqs.c
+++ b/wolfcrypt/src/port/liboqs/liboqs.c
@@ -49,7 +49,14 @@ static void wolfSSL_liboqsGetRandomData(uint8_t* buffer, size_t numOfBytes)
 while (numOfBytes > 0) {
 numOfBytes_word32 = (word32)numOfBytes;
- numOfBytes -= numOfBytes_word32;
+ /* On platforms where size_t is wider than word32, the cast above can * truncate. If numOfBytes does not fit into a word32 (including the * case where it is an exact multiple of 2^32 and truncates to 0), * generate the largest chunk that fits to guarantee forward progress * and avoid an infinite loop. */
+ if ((size_t)numOfBytes_word32 != numOfBytes) {
+ numOfBytes_word32 = 0xFFFFFFFFU;
+ }
 ret = wc_RNG_GenerateBlock(liboqsCurrentRNG, buffer, numOfBytes_word32);
 if (ret != 0) {
@@ -62,6 +69,10 @@ static void wolfSSL_liboqsGetRandomData(uint8_t* buffer, size_t numOfBytes)
 );
 abort();
 }
+ /* Advance the buffer so subsequent iterations append rather than * overwrite the previously generated bytes. */
+ buffer += numOfBytes_word32;
+ numOfBytes -= numOfBytes_word32;
 }
 }
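Review bot: The fallback chunk `0xFFFFFFFFU` in the first hunk fixes the loop arithmetic, but it is probably far larger than wc_RNG_GenerateBlock accepts in a single call. As far as I know (it is not visible in this diff), wolfCrypt's Hash-DRBG path rejects requests above `RNG_MAX_BLOCK_LEN`, so any request over that limit would still reach the `abort()` branch rather than fill the buffer; that applies to ordinary large requests too, not only ones that overflow a word32. Since this callback cannot return an error to liboqs, I would clamp each iteration to the generator's per-call limit so large requests are served in pieces, e.g. `numOfBytes_word32 = (numOfBytes > RNG_MAX_BLOCK_LEN) ? (word32)RNG_MAX_BLOCK_LEN : (word32)numOfBytes;` in place of the cast plus the new `if`, assuming that macro is in scope in this file. The buffer advance added in the second hunk is what makes such chunking correct, and a test requesting more than one chunk would cover both changes. The function body starts and ends outside the lines shown.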