https://sourceware.org/git/gitweb.cgi?p=newlib-cygwin.git;h=6c420fa49455a7f743c01190e1d23b0749e20fa6
commit 6c420fa49455a7f743c01190e1d23b0749e20fa6 Author: Yaakov Selkowitz <yselk...@redhat.com> Date: Sat Mar 11 10:01:47 2017 +0100 getrandom: it's MIN, not MAX Signed-off-by: Corinna Vinschen <cori...@vinschen.de> Diff: --- winsup/cygwin/libc/getentropy.cc | 2 +- winsup/cygwin/release/2.8.0 | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/winsup/cygwin/libc/getentropy.cc b/winsup/cygwin/libc/getentropy.cc index 5918eb5..c358b52 100644 --- a/winsup/cygwin/libc/getentropy.cc +++ b/winsup/cygwin/libc/getentropy.cc @@ -51,7 +51,7 @@ getrandom (void *ptr, size_t len, unsigned int flags) return -1; } /* Max. bytes returned by Linux call. */ - len = MAX (len, (flags & GRND_RANDOM) ? 512 : 33554431); + len = MIN (len, (flags & GRND_RANDOM) ? 512 : 33554431); __try { if (!RtlGenRandom (ptr, len)) diff --git a/winsup/cygwin/release/2.8.0 b/winsup/cygwin/release/2.8.0 index d8e20a1..f5568de 100644 --- a/winsup/cygwin/release/2.8.0 +++ b/winsup/cygwin/release/2.8.0 @@ -23,3 +23,5 @@ Bug Fixes - Fix a few problems which are the combined culprit of fork failing when called recursively from a pthread. Addresses: https://cygwin.com/ml/cygwin/2017-03/msg00113.html + +- Fix potential buffer overflow in getrandom.