util/nvmutil: even safer rhex()

also handles possible overflows in read_gbe_file_exact

it removes dead code on both paths: arc4random and
urandom

Signed-off-by: Leah Rowe <leah@libreboot.org>
This commit is contained in:
Leah Rowe
2026-03-09 17:41:29 +00:00
parent b2a3edd170
commit 85cc3071bb
+7 -9
View File
@@ -932,18 +932,16 @@ rhex(void)
static uint8_t rnum[12];
int max_retries;
for (max_retries = 0; max_retries < 50 && !n; max_retries++) {
n = sizeof(rnum);
#ifdef NVMUTIL_ARC4RANDOM_BUF
arc4random_buf(rnum, n);
if (!n) {
n = sizeof(rnum);
arc4random_buf(rnum, n);
}
#else
for (max_retries = 0; max_retries < 50 && !n; max_retries++)
n = (size_t)read_gbe_file_exact(urandom_fd,
rnum, n, 0, rname, NULL);
#endif
}
#ifndef NVMUTIL_ARC4RANDOM_BUF
if (!n)
rnum, sizeof(rnum), 0, rname, NULL);
if (!n || n > sizeof(rnum))
err(ECANCELED, "Randomisation failure");
#endif