From 7434df1cc6e96b5d98ea6e3ec095eaae4ac9a95c Mon Sep 17 00:00:00 2001
From: moneromooo-monero
Date: Tue, 24 Jul 2018 20:53:09 +0100
Subject: [PATCH] crypto: never return zero in random32_unbiased

This avoids problems when the caller can't deal with a zero walue, which happens often enough that it's worth nipping the problem in the bud.
---
 src/crypto/crypto.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/crypto/crypto.cpp b/src/crypto/crypto.cpp
index 4243c71fd..d6e3b8e0e 100644
--- a/src/crypto/crypto.cpp
+++ b/src/crypto/crypto.cpp
@@ -116,7 +116,7 @@ namespace crypto {
 do {
 generate_random_bytes_thread_safe(32, bytes);
-} while (!less32(bytes, limit)); // should be good about 15/16 of the time
+} while (!sc_isnonzero(bytes) && !less32(bytes, limit)); // should be good about 15/16 of the time
 sc_reduce32(bytes);
 }
 
 /* generate a random 32-byte (256-bit) integer and copy it to res */
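Review bot: The `&&` in the new loop condition on the `+` line inverts the intent: the retry must continue while the draw is zero OR not below `limit`, so it should read `} while (!sc_isnonzero(bytes) || !less32(bytes, limit)); // retry on zero or out-of-range`. With `&&` the loop exits as soon as either test fails, so a zero draw (which is below `limit`) is accepted after all, and, worse, a non-zero draw at or above `limit` is also accepted, which removes the rejection step that made this sampler unbiased and feeds out-of-range values into `sc_reduce32`, biasing the reduced result — assuming `sc_isnonzero` follows the ref10 convention of returning zero only for an all-zero scalar. Note also that the zero test runs on the unreduced bytes; that is only equivalent to "result is non-zero" if every accepted value is below `limit` and therefore left unchanged by `sc_reduce32`, which again depends on the rejection being done with `||`. The function's signature and the declarations of `bytes` and `limit` start outside the hunk, so a test covering both the zero and the `limit` edge would be worth adding alongside the fix.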