From c0be37d4e31d6e244dc398aef827a0e2f1f0f856 Mon Sep 17 00:00:00 2001
From: Landon Curt Noll <github-mail@asthe.com>
Date: Thu, 9 Dec 2021 01:12:44 -0800
Subject: [PATCH] Added paranoia size limited code for seed() builtin.

Just to be padanticly sure, we prevent seed() from
ever returning a value >= 2^64.
---
 seed.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/seed.c b/seed.c
index 57c19be..4f1002f 100644
--- a/seed.c
+++ b/seed.c
@@ -716,6 +716,18 @@ pseudo_seed(void)
     memset(hash.v, 0, hash.len*sizeof(HALF));	/* paranoia */
     hash.sign = 0;
     memcpy((void *)hash.v, (void *)&hash_val, sizeof(hash_val));
+
+    /*
+     * Force the hash as ZVALUE to be at most, 64 bits long.
+     * It is almost certainly the case that the hash as ZVALUE
+     * is at most 64 bits in length: this code guarantees it.
+     *
+     * BTW: One can safely assume that 64 is an integer multiple of BASEB:
+     *	    likely 4, 2, or 1 times BASEB.
+     */
+    if (hash.len > 64/BASEB) {
+	hash.len = 64/BASEB;
+    }
     ztrim(&hash);
 
     /*