From 1ecea3247d8a6694929ee9bf46b2f94f9dabbb79 Mon Sep 17 00:00:00 2001
From: Leah Rowe <leah@libreboot.org>
Date: Wed, 18 Mar 2026 04:21:18 +0000
Subject: nvmutil: don't read urandom fd if fd not open

yeah. obvious bug

Signed-off-by: Leah Rowe <leah@libreboot.org>
---
 util/nvmutil/nvmutil.c | 17 ++++++++++-------
 1 file changed, 10 insertions(+), 7 deletions(-)

(limited to 'util')

diff --git a/util/nvmutil/nvmutil.c b/util/nvmutil/nvmutil.c
index 8495836f..e6f43da6 100644
--- a/util/nvmutil/nvmutil.c
+++ b/util/nvmutil/nvmutil.c
@@ -1051,15 +1051,18 @@ rlong(void)
 	if (fd < 0)
 		fd = open("/dev/random", O_RDONLY | O_BINARY | O_NONBLOCK);
 
-	nr = rw_file_exact(fd, (unsigned char *)&rval,
-	    sizeof(unsigned long), 0, IO_READ, LOOP_EAGAIN,
-	    LOOP_EINTR, MAX_ZERO_RW_RETRY, OFF_ERR);
+	if (fd > -1) {
 
-	if (x_i_close(fd) < 0)
-		err(errno, "Can't close randomness fd");
+		nr = rw_file_exact(fd, (unsigned char *)&rval,
+		    sizeof(unsigned long), 0, IO_READ, LOOP_EAGAIN,
+		    LOOP_EINTR, MAX_ZERO_RW_RETRY, OFF_ERR);
 
-	if (nr == sizeof(unsigned long))
-		return rval;
+		if (x_i_close(fd) < 0)
+			err(errno, "Can't close randomness fd");
+
+		if (nr == sizeof(unsigned long))
+			return rval;
+	}
 
 	return mix;
 }
-- 
cgit v1.2.1