BUG: glibc-2.5.1-arc4_prng-2.patch breaks strfry

mordae at anilinux.org mordae at anilinux.org
Sun Apr 27 01:34:25 PDT 2008


Hi robert,

	I was reading Glibc patches and found this part:

 char *
 strfry (char *string)
 {
...
-  return string;
+  return (char)arc4random();
 }

	If you look into manual page or read the deleted code, you may get what
is wrong. The  strfry() function randomizes the contents of string by using
rand(3) to randomly swap characters in the string. The result is an anagram of
string. Anagram. Swapped characters. Not to mention that given code will return
random character instead of string, which will segfault anything using strfry.
Accidentally, strfry is such an exotic thing nobody actually uses it.

	So, please, just remove that part of the patch. And do not try to use
arc4random to generate randomness for swapping. rand(3) is assumed to return
same results with the same seed on, at least, the very same machine.

Have a nice day.
	- Mordae



More information about the hlfs-dev mailing list