auth/Crypto: assert(len <= 256) before calling getentropy()

this assert() will be optimized out in Release mode.

Signed-off-by: Kefu Chai <kchai@redhat.com>

diff --git a/src/auth/Crypto.cc b/src/auth/Crypto.cc
index 0eadacd887dd7ee588f900aa79fb646021a64e4d..daa5925c64a13c2a95d828a469a28f4d7423ec85 100644 (file)
--- a/src/auth/Crypto.cc
+++ b/src/auth/Crypto.cc
@@ -68,6 +68,8 @@ void CryptoRandom::get_bytes(char *buf, int len)
   if (unlikely(fd >= 0)) {
     ret = safe_read_exact(fd, buf, len);
   } else {
+    // getentropy() reads up to 256 bytes
+    assert(len <= 256);
     ret = TEMP_FAILURE_RETRY(::getentropy(buf, len));
   }
   if (ret < 0) {