On Tue, Oct 4, 2022 at 12:07 AM Philippe Mathieu-Daudé <f4bug@xxxxxxxxx> wrote:
+ add_bootloader_randomness(rng_seed, len);
So we call char/random code with len=0. Is it safe?
Maybe simply safer to check len before calling hex2bin?
add_bootloader_randomness() is safe for all input sizes, and is
written to be callable with len=0 and have no effect. So this function
should be good as-is; there's no need to special case an unlikely
instance that's already handled by add_bootloader_randomness().