rnd-linux: added sanity check in getrandom output

diff --git a/lib/nettle/rnd-linux.c b/lib/nettle/rnd-linux.c
index 87b325f8936dd663cea5a042ce097ec720713adc..45b9890c7055844ec536a59189c1e70bb02e75ee 100644 (file)
--- a/lib/nettle/rnd-linux.c
+++ b/lib/nettle/rnd-linux.c
@@ -83,6 +83,12 @@ static int _rnd_get_system_entropy_getrandom(void* _rnd, size_t size)
                                         strerror(errno));
                return GNUTLS_E_RANDOM_DEVICE_ERROR;
        }
+
+       /* This function is only used internally for small sizes which
+        * should be delivered by getrandom(). */
+       if ((size_t)ret != size)
+               return gnutls_assert_val(GNUTLS_E_RANDOM_DEVICE_ERROR);
+
        return 0;
 }
 #else