From 752ed901d6822f1296d26cfbece1ff17ed3ea5ef Mon Sep 17 00:00:00 2001
From: Artyom Pavlov <newpavlov@gmail.com>
Date: Mon, 25 Nov 2019 23:01:09 +0000
Subject: [PATCH] Use getrandom for random_get, disable default rand features
 (#625)

* use getrandom, disable default rand features
---
 crates/environ/Cargo.toml                             |  2 +-
 crates/wasi-common/Cargo.toml                         |  2 +-
 crates/wasi-common/src/hostcalls_impl/misc.rs         | 11 +++++------
 .../src/old/snapshot_0/hostcalls_impl/misc.rs         | 11 +++++------
 4 files changed, 12 insertions(+), 14 deletions(-)

diff --git a/crates/environ/Cargo.toml b/crates/environ/Cargo.toml
index 97cd656cec..c9584e2335 100644
--- a/crates/environ/Cargo.toml
+++ b/crates/environ/Cargo.toml
@@ -44,7 +44,7 @@ errno = "0.2.4"
 tempfile = "3"
 target-lexicon = { version = "0.9.0", default-features = false }
 pretty_env_logger = "0.3.0"
-rand = { version = "0.7.0", features = ["small_rng"] }
+rand = { version = "0.7.0", default-features = false, features = ["small_rng"] }
 cranelift-codegen = { version = "0.50.0", features = ["enable-serde", "all-arch"] }
 filetime = "0.2.7"
 
diff --git a/crates/wasi-common/Cargo.toml b/crates/wasi-common/Cargo.toml
index f6161d0021..8793e5dfc3 100644
--- a/crates/wasi-common/Cargo.toml
+++ b/crates/wasi-common/Cargo.toml
@@ -15,7 +15,7 @@ wasi-common-cbindgen = { path = "wasi-common-cbindgen" }
 anyhow = "1.0"
 thiserror = "1.0"
 libc = "0.2"
-rand = "0.7"
+getrandom = "0.1"
 cfg-if = "0.1.9"
 log = "0.4"
 filetime = "0.2.7"
diff --git a/crates/wasi-common/src/hostcalls_impl/misc.rs b/crates/wasi-common/src/hostcalls_impl/misc.rs
index f5203f0b7a..3123621ada 100644
--- a/crates/wasi-common/src/hostcalls_impl/misc.rs
+++ b/crates/wasi-common/src/hostcalls_impl/misc.rs
@@ -4,7 +4,7 @@ use crate::fdentry::Descriptor;
 use crate::memory::*;
 use crate::sys::hostcalls_impl;
 use crate::{wasi, wasi32, Error, Result};
-use log::trace;
+use log::{error, trace};
 use std::convert::TryFrom;
 
 pub(crate) fn args_get(
@@ -132,15 +132,14 @@ pub(crate) fn random_get(
     buf_ptr: wasi32::uintptr_t,
     buf_len: wasi32::size_t,
 ) -> Result<()> {
-    use rand::{thread_rng, RngCore};
-
     trace!("random_get(buf_ptr={:#x?}, buf_len={:?})", buf_ptr, buf_len);
 
     let buf = dec_slice_of_mut_u8(memory, buf_ptr, buf_len)?;
 
-    thread_rng().fill_bytes(buf);
-
-    Ok(())
+    getrandom::getrandom(buf).map_err(|err| {
+        error!("getrandom failure: {:?}", err);
+        Error::EIO
+    })
 }
 
 pub(crate) fn clock_res_get(
diff --git a/crates/wasi-common/src/old/snapshot_0/hostcalls_impl/misc.rs b/crates/wasi-common/src/old/snapshot_0/hostcalls_impl/misc.rs
index 83b193cb43..f06e052348 100644
--- a/crates/wasi-common/src/old/snapshot_0/hostcalls_impl/misc.rs
+++ b/crates/wasi-common/src/old/snapshot_0/hostcalls_impl/misc.rs
@@ -4,7 +4,7 @@ use crate::old::snapshot_0::fdentry::Descriptor;
 use crate::old::snapshot_0::memory::*;
 use crate::old::snapshot_0::sys::hostcalls_impl;
 use crate::old::snapshot_0::{wasi, wasi32, Error, Result};
-use log::trace;
+use log::{error, trace};
 use std::convert::TryFrom;
 
 pub(crate) fn args_get(
@@ -132,15 +132,14 @@ pub(crate) fn random_get(
     buf_ptr: wasi32::uintptr_t,
     buf_len: wasi32::size_t,
 ) -> Result<()> {
-    use rand::{thread_rng, RngCore};
-
     trace!("random_get(buf_ptr={:#x?}, buf_len={:?})", buf_ptr, buf_len);
 
     let buf = dec_slice_of_mut_u8(memory, buf_ptr, buf_len)?;
 
-    thread_rng().fill_bytes(buf);
-
-    Ok(())
+    getrandom::getrandom(buf).map_err(|err| {
+        error!("getrandom failure: {:?}", err);
+        Error::EIO
+    })
 }
 
 pub(crate) fn clock_res_get(