[lmm]

No, there was no bug. The code used an uninitialised array as a place to XOR randomness from various sources into. It didn't initialise the array since there was no value in doing so, because the whole point is to be random anyway.

[LtWorf]

As I said, new kernels zero the pages, an uninitialized area is likely to be zeroed or be rather deterministic.

[lmm]

Which is fine. It's not a bug if it's zero. There's just no point going out of your way to set it to zero when you're only going to xor a bunch of random values into it anyway.

[LtWorf]

The whole issue was caused because it was always zero because the patch zeroed it (:

Can you please read about the issue before commenting more?

[lmm]

> The whole issue was caused because it was always zero because the patch zeroed it (:

No it wasn't. The patch removed the read of the randomness buffer that folded it into another buffer (the MD_Update calls) because Valgrind was warning that the buffer it was reading from had never been initialised.

> Can you please read about the issue before commenting more?

Right back at you.