BUG: glibc-2.5.1-arc4_prng-2.patch breaks strfry

Robert Connolly robert at linuxfromscratch.org
Mon May 5 17:02:41 PDT 2008


I think I have a fix that should prevent me from kicking myself in the butt, 
again:

--- string/strfry.c.orig	2008-05-05 23:56:08.000000000 +0000
+++ string/strfry.c	2008-05-05 23:58:05.000000000 +0000
@@ -32,7 +32,7 @@
     {
       static char state[32];
       rdata.state = NULL;
-      __initstate_r (time ((time_t *) NULL) ^ getpid (),
+      __initstate_r (arc4random(),
 		     state, sizeof (state), &rdata);
       init = 1;
     }

I tested with a small program I found on a Debian mailing list:

#define _GNU_SOURCE /* strfry() */

#include <stdio.h> /* printf() */
#include <stdlib.h> /* malloc() */
#include <string.h> /* strfry(), strncpy() */

int main(int argc, char **argv) {
    char *string;

    string = malloc(sizeof(char) * 8);
    (void) strncpy(string, "bletch", sizeof(char) * 8);

    (void) printf("%s\n", string);
    (void) strncpy(string, "greunk", sizeof(char) * 8);
    (void) strfry(string);
    (void) printf("%s\n", string);

    free(string);
    return 0;
}

Please let me know if this works, or if there are additional comments.

robert
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: <http://lists.linuxfromscratch.org/pipermail/hlfs-dev/attachments/20080505/2c07d3bc/attachment.sig>


More information about the hlfs-dev mailing list