random: call abort(3) instead of assert in must_succeed macro

Avoids silent use of bad RNG in release builds, in case those
calls might actually fail.

Reported by smooth.
moneromooo-monero 2016-04-24 12:26:56 +01:00
parent 1c66fe04bc
commit 31587bdd15
No known key found for this signature in database
GPG key ID: 686F07454D6CEFC3


@ -45,7 +45,7 @@ static void generate_system_random_bytes(size_t n, void *result);
static void generate_system_random_bytes(size_t n, void *result) { static void generate_system_random_bytes(size_t n, void *result) {
HCRYPTPROV prov; HCRYPTPROV prov;
#define must_succeed(x) do if (!(x)) assert(0); while (0) #define must_succeed(x) do if (!(x)) abort(); while (0)
must_succeed(CryptAcquireContext(&prov, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT | CRYPT_SILENT)); must_succeed(CryptAcquireContext(&prov, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT | CRYPT_SILENT));
must_succeed(CryptGenRandom(prov, (DWORD)n, result)); must_succeed(CryptGenRandom(prov, (DWORD)n, result));
must_succeed(CryptReleaseContext(prov, 0)); must_succeed(CryptReleaseContext(prov, 0));
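Review bot: The `(DWORD)n` cast in the CryptGenRandom call can still truncate silently, which is the same kind of quiet failure this commit sets out to remove: where size_t is wider than DWORD, a request larger than MAXDWORD would fill only the start of `result` and the call would still report success. A guard ahead of that call, for example `must_succeed(n <= MAXDWORD);`, would make that case abort too instead of leaving the tail of the buffer unfilled. Separately, `abort()` is declared in `<stdlib.h>` and no include is visible in this hunk, so it is worth confirming the file already pulls it in. The body of generate_system_random_bytes continues past the end of the hunk.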