Auto merge of #884 - Aaron1011:fix/linux-getrandom, r=RalfJung

Allowing passing a null pointer to getrandom() when length is 0 The Linux kernel will handle a null pointer passed to 'getrandom' without error, as long as the length is also 0. The `getrandom` crate relies on this behavior: https://github.com/rust-random/getrandom/blob/ab44edf3c7af721a00e22648b6c811ccb559ba81/src/linux_android.rs#L26 Since it works fine on the actual kernel (and should continue to, due to the kernel's backwards-compatibility guarantees), Miri should support it as well.
2026-05-31 21:47:15 +03:00 · 2019-08-04 19:50:41 +00:00
parent 8053288bd0 4d3398fc62
commit bc82f83298
1 changed files with 13 additions and 4 deletions
@@ -81,12 +81,21 @@ fn gen_random(
        ptr: Scalar<Tag>,
        len: usize,
    ) -> InterpResult<'tcx>  {
+        // Some programs pass in a null pointer and a length of 0
+        // to their platform's random-generation function (e.g. getrandom())
+        // on Linux. For compatibility with these programs, we don't perform
+        // any additional checks - it's okay if the pointer is invalid,
+        // since we wouldn't actually be writing to it.
+        if len == 0 {
+            return Ok(());
+        }
        let this = self.eval_context_mut();

-        let ptr = match this.memory().check_ptr_access(ptr, Size::from_bytes(len as u64), Align::from_bytes(1).unwrap())? {
-            Some(ptr) => ptr,
-            None => return Ok(()), // zero-sized access
-        };
+        let ptr = this.memory().check_ptr_access(
+            ptr,
+            Size::from_bytes(len as u64),
+            Align::from_bytes(1).unwrap()
+        )?.expect("we already checked for size 0");

        let rng = this.memory_mut().extra.rng.get_mut();
        let mut data = vec![0; len];