Bug in jitterentropy handling
NIIBE Yutaka
gniibe at fsij.org
Thu Oct 23 08:46:28 CEST 2025
Hello,
Eric Berry wrote:
> The flag jent_rng_is_initialized is not being handled correctly.
> - It is set to true before the corresponding jent_rng_collector structure
> is fully initialized.
> - It is not cleared when the jent_rng_collector is freed.
>
> Subsequently, when trying to generate entropy in the function
> _gcry_rndjent_poll after the jent_rng_collector has been freed,
> jent_rng_is_initialized is true so jent_rng_collector is not
> re-initialized, but then when trying to generate entropy jent_rng_collector
> is null so entropy generation is skipped.
I see the point. Applied and pushed to master.

Looking at the patch, it was not clear to me how this bug mattered, so I
describe my understanding here.
At the start of the library, we have a call chain of:

  _gcry_global_constructor
    -> _gcry_fips_run_selftests
      -> _gcry_random_close_fds
        -> _gcry_rngsystem_close_fds
          -> _gcry_rndgetentropy_gather_random
            -> _gcry_rndjent_fini

Here, jent_rng_collector is freed.

Before the change, jent_rng_is_initialized was kept 1 while
jent_rng_collector became NULL.
Applying the fix, jent_rng_is_initialized becomes 0 correctly.
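
The flag/pointer desynchronization discussed in this message, as an added example that is not part of the original message and is not libgcrypt's code. It is a simplified model: `rng_state`, `model_init`, `model_fini`, `model_poll` and `bytes_after_fini` are hypothetical names, and the `fixed` switch selects the behaviour before or after the change.

```c
#include <stdio.h>
#include <stdlib.h>

/* Simplified model with hypothetical names; not libgcrypt's code. */
struct collector { unsigned counter; };
struct rng_state {
  int is_initialized;          /* role of jent_rng_is_initialized */
  struct collector *collector; /* role of jent_rng_collector */
};

/* Lazy initialization, done on first use by the poll function. */
static void model_init(struct rng_state *s, int fixed) {
  if (s->is_initialized) return;
  if (!fixed) s->is_initialized = 1;  /* before: set ahead of the collector */
  s->collector = calloc(1, sizeof *s->collector);
  if (fixed && s->collector) s->is_initialized = 1; /* after: set once usable */
}

static void model_fini(struct rng_state *s, int fixed) {
  free(s->collector);
  s->collector = NULL;
  if (fixed) s->is_initialized = 0;   /* after: flag follows the pointer */
}

/* Returns bytes produced; 0 means this source was silently skipped. */
static size_t model_poll(struct rng_state *s, int fixed,
                         unsigned char *out, size_t len) {
  model_init(s, fixed);
  if (!s->collector) return 0;
  for (size_t i = 0; i < len; i++)    /* placeholder bytes, not entropy */
    out[i] = (unsigned char)s->collector->counter++;
  return len;
}

/* Sequence from the report: use, free at start-up, then poll again. */
static size_t bytes_after_fini(int fixed) {
  struct rng_state s = {0, NULL};
  unsigned char buf[16];
  model_poll(&s, fixed, buf, sizeof buf);
  model_fini(&s, fixed);
  size_t n = model_poll(&s, fixed, buf, sizeof buf);
  model_fini(&s, fixed);
  return n;
}

int main(void) {
  printf("before fix: %zu bytes\n", bytes_after_fini(0));
  printf("after fix:  %zu bytes\n", bytes_after_fini(1));
  return 0;
}
```

In the "before" case the second poll returns 0 without reporting an error, which is why the caller cannot tell that the source contributed nothing.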