From c5046b59eff5dbbc605185fc24e9907f8e2b5b48 Mon Sep 17 00:00:00 2001
From: tobi <tobi.smethurst@protonmail.com>
Date: Mon, 7 Apr 2025 14:55:18 +0200
Subject: [PATCH] use io.ReadFull

---
 internal/processing/user/twofactor.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/internal/processing/user/twofactor.go b/internal/processing/user/twofactor.go
index 74aef4920..28c089e10 100644
--- a/internal/processing/user/twofactor.go
+++ b/internal/processing/user/twofactor.go
@@ -145,7 +145,7 @@ func (p *Processor) TwoFactorQRCodeURIGet(
 		// We do! Read some random crap.
 		// 32 bytes should be plenty entropy.
 		secret := make([]byte, 32)
-		if _, err := rand.Read(secret); err != nil {
+		if _, err := io.ReadFull(rand.Reader, secret); err != nil {
 			err := gtserror.Newf("error generating new secret: %w", err)
 			return nil, gtserror.NewErrorInternalError(err)
 		}