oss-sec mailing list archives
Re: libxslt math.random issue
From: fche () redhat com (Frank Ch. Eigler)
Date: Fri, 07 Apr 2017 13:50:40 -0400
Florian Weimer wrote:
FWIW, why is glibc not doing srand(RANDOMVECTOR) during startup... :/ The C standard does not allow it. ” If rand is called before any calls to srand have been made, the same sequence shall be generated as when srand is first called with a seed value of 1. ”
Yes, but that does not imply that srand(1) needs to resolve to a build-constant value. https://gitlab.com/fche/randomer salts it with a snippet from /dev/urandom, and stays POSIX-compatible & restartable. - FChE
Current thread:
- libxslt math.random issue Marcus Meissner (Apr 05)
- Re: libxslt math.random issue Florian Weimer (Apr 05)
- Message not available
- Re: libxslt math.random issue Frank Ch. Eigler (Apr 07)
- Re: Re: libxslt math.random issue Florian Weimer (Apr 07)
- Message not available
- Re: libxslt math.random issue Florian Weimer (Apr 05)
- Re: libxslt math.random issue Hanno Böck (Apr 06)
- Re: libxslt math.random issue Marcus Meissner (Apr 06)