commit 730dddc3806f904b4328f4e9281d370c65522c30 Author: Nick Mathewson nickm@torproject.org Date: Mon Mar 18 12:50:11 2019 -0400

Make sure that the rng is not replaced if it is already replaced. --- src/test/rng_test_helpers.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+)

diff --git a/src/test/rng_test_helpers.c b/src/test/rng_test_helpers.c index c11709ed8..262d380bd 100644 --- a/src/test/rng_test_helpers.c +++ b/src/test/rng_test_helpers.c @@ -25,6 +25,11 @@ #endif

/** + * True iff the RNG is currently replaced. Prevents double-replacement. + **/ +static bool rng_is_replaced = false; + +/** * Mutex to protect deterministic prng. * * Note that if you actually _use_ the prng from two threads at the same time, @@ -82,6 +87,9 @@ crypto_rand_deterministic(char *out, size_t n) static void enable_deterministic_rng_impl(const uint8_t *seed, size_t seed_len) { + tor_assert(!rng_is_replaced); + tor_assert(crypto_rand == crypto_rand__real); + memset(rng_seed, 0, sizeof(rng_seed)); memcpy(rng_seed, seed, MIN(seed_len, sizeof(rng_seed)));

@@ -100,6 +108,8 @@ enable_deterministic_rng_impl(const uint8_t *seed, size_t seed_len) crypto_fast_rng_t *fast_rng = crypto_fast_rng_new_from_seed(fast_rng_seed); crypto_fast_rng_disable_reseed(fast_rng); stored_fast_rng = crypto_replace_thread_fast_rng(fast_rng); + + rng_is_replaced = true; }

/** @@ -196,6 +206,9 @@ testing_prefilled_rng_reset(void)

/** * Undo the overrides for our PRNG. To be used at the end of testing. + * + * Note that this function should be safe to call even if the rng has not + * yet been replaced. **/ void testing_disable_rng_override(void) @@ -208,4 +221,6 @@ testing_disable_rng_override(void)

crypto_fast_rng_t *rng = crypto_replace_thread_fast_rng(stored_fast_rng); crypto_fast_rng_free(rng); + + rng_is_replaced = false; }