From 9a22102fa8b1ce47571d5bba71e8f36895d21bf0 Mon Sep 17 00:00:00 2001
From: kim <89579420+NyaaaWhatsUpDoc@users.noreply.github.com>
Date: Thu, 22 Jun 2023 20:46:36 +0100
Subject: [bugfix/chore] oauth entropy fix + media cleanup tasks rewrite
 (#1853)

---
 internal/db/bundb/session.go | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

(limited to 'internal/db/bundb/session.go')

diff --git a/internal/db/bundb/session.go b/internal/db/bundb/session.go
index 6d900d75a..9a4256de5 100644
--- a/internal/db/bundb/session.go
+++ b/internal/db/bundb/session.go
@@ -20,6 +20,7 @@ package bundb
 import (
 	"context"
 	"crypto/rand"
+	"io"
 
 	"github.com/superseriousbusiness/gotosocial/internal/db"
 	"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
@@ -52,13 +53,11 @@ func (s *sessionDB) GetSession(ctx context.Context) (*gtsmodel.RouterSession, db
 }
 
 func (s *sessionDB) createSession(ctx context.Context) (*gtsmodel.RouterSession, db.Error) {
-	auth := make([]byte, 32)
-	crypt := make([]byte, 32)
+	buf := make([]byte, 64)
+	auth := buf[:32]
+	crypt := buf[32:64]
 
-	if _, err := rand.Read(auth); err != nil {
-		return nil, err
-	}
-	if _, err := rand.Read(crypt); err != nil {
+	if _, err := io.ReadFull(rand.Reader, buf); err != nil {
 		return nil, err
 	}
 
-- 
cgit v1.2.3