Auto merge of #31876 - ollie27:win_fill_bytes, r=brson

CryptGenRandom takes a DWORD (u32) for the length so it only supports writing u32::MAX bytes at a time. Casting the length from a usize caused truncation meaning the whole buffer was not always filled. cc #31841 This is the same as rust-random/rand#99. I think it's a good idea to keep the implementations in sync. r? @alexcrichton
rust-lang · Feb 26, 2016 · 98a8a71 · 98a8a71
2 parents 64b4b6d + ac3cc33
commit 98a8a71
Showing 1 changed file with 11 additions and 7 deletions.
diff --git a/src/libstd/sys/windows/rand.rs b/src/libstd/sys/windows/rand.rs
@@ -48,13 +48,17 @@ impl Rng for OsRng {
         unsafe { mem::transmute(v) }
     }
     fn fill_bytes(&mut self, v: &mut [u8]) {
-        let ret = unsafe {
-            c::CryptGenRandom(self.hcryptprov, v.len() as c::DWORD,
-                              v.as_mut_ptr())
-        };
-        if ret == 0 {
-            panic!("couldn't generate random bytes: {}",
-                   io::Error::last_os_error());
+        // CryptGenRandom takes a DWORD (u32) for the length so we need to
+        // split up the buffer.
+        for slice in v.chunks_mut(<c::DWORD>::max_value() as usize) {
+            let ret = unsafe {
+                c::CryptGenRandom(self.hcryptprov, slice.len() as c::DWORD,
+                                  slice.as_mut_ptr())
+            };
+            if ret == 0 {
+                panic!("couldn't generate random bytes: {}",
+                       io::Error::last_os_error());
+            }
         }
     }
 }