BUG: glibc-2.5.1-arc4_prng-2.patch breaks strfry

Robert Connolly robert at linuxfromscratch.org
Wed May 7 20:05:37 PDT 2008


I'm planning to fix this asap, but I want to add a small program to the book 
to test strfry with input, like './test blah'. This would test both strfry 
and arc4random at the same time.

From what I see of strfry's behavior, the length never changes, and the new 
string uses characters from the old, however the new string may use duplicate 
characters if random chance makes it happen. Like "abcd" can become "ccac". 
It's certainly usefull to preserve this behavior. There should be no future 
problems with the new patch. I doubt strfry is, or ever will be, intended for 
security applications, but in spite of this it's still best to use erandom or 
urandom for entropy.

robert
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: <http://lists.linuxfromscratch.org/pipermail/hlfs-dev/attachments/20080507/bfb9fb6e/attachment.sig>


More information about the hlfs-dev mailing list