Date: Sat, 2 Feb 2013 21:14:30 +0100
From: Szabolcs Nagy <nsz@...t70.net>
To: musl@...ts.openwall.com
Subject: Re: [PATCH] Add support for mkostemp, mkstemps and mkostemps

* Anthony G. Basile <basile@...nsource.dyc.edu> [2013-02-02 13:45:31 -0500]:
> +	/* Null terminate the template before the suffix,
> +	   and save the char for adding back the suffix */
> +	char suffix = template[l];
> +	template[l] = '\0';
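
Review bot: `template[l] = '\0'` overwrites a byte in the caller's buffer, so the saved `suffix` has to be written back on every exit path, and no restore is visible in these lines. If the `return -1` in the retry loop belongs to the same function, it would leave the caller's template truncated; put `template[l] = suffix;` before each return.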

if you set only the XXXXXX part in __randname, then the \0 is unnecessary

> +	int fd, retries = 100;
> +	while (retries--) {
> +		if (!*__randname(template)) return -1;
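
Review bot: `!*__randname(template)` in the loop tests the first character of the returned string, not an error status. Since `__randname` ends with `return template;`, the branch fires only when the template is an empty string, so it is better to drop the dereference and validate the template once before the loop.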

__randname cannot fail, so the check is unnecessary

> +/* This assumes that a check for the
> +   template size has alrady been made */
> +char *__randname(char *template)
> +{
> +	struct timespec ts;
> +	size_t i, l = strlen(template);
> +
> +	/* r is intentially uninialized and 'dirty' */
> +	unsigned long r;
> +
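
Review bot: the comment above `__randname` says a size check is assumed but does not state the bound, while the function goes on to write `template[l-i]` for `i` up to 6, so an `l` below 6 makes the `size_t` index wrap. State the precondition in the comment as `strlen(template) >= 6`, and fix the comment spelling ("alrady", "intentially uninialized").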

it's undefined behaviour so the compiler is allowed to
completely remove the code of this function

if you've seen this kind of code somewhere, that's a critical
bug that should be reported

the original address based entropy source was ok

> +	clock_gettime(CLOCK_REALTIME, &ts);
> +	r += ((uint64_t) ts.tv_nsec << 16) ^ ts.tv_sec;
> +	for (i=1; i<=6; i++, r>>=6)
> +		template[l-i] = __map_letter(r);
> +
> +	return template;
> +}
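
Review bot: `r` is declared `unsigned long`, but `for (i=1; i<=6; i++, r>>=6)` consumes 36 bits, so where `unsigned long` is 32 bits the `uint64_t` expression is truncated and the sixth character written has only 2 bits left to draw from. Declare `r` as `uint64_t` and assign with `=` instead of `+=`, so the value no longer depends on the uninitialised declaration; the return value of `clock_gettime` is also not checked.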
