Nmap Announce mailing list archives

Re: 2.06 (Solaris bug)


From: Fyodor <fyodor () dhp com>
Date: Tue, 9 Feb 1999 02:58:10 -0500 (EST)

On Mon, 8 Feb 1999, Bryan Blackburn wrote:

rand() on Solaris returns a range of 0 to (2^15)-1, which causes the
above code to have 16 bits of zeros every other 16 bits.  When a short
is needed, it'll get 0, hence the infinite loop on

      while(!id) id = get_random_uint();

Thanks for tracking this down!  I have uploaded nmap 2.07 to the normal
http://www.insecure.org/nmap/dist/nmap-2.07.tgz (and .src.rpm and
.i386.rpm).  The only change is your fix.

Note that this problem will only affect users of the legacy systems which
don't support /dev/random or /dev/urandom.  If you are running Linux,
FreeBSD, or OpenBSD (with a default or reasonably configured kernel), then
there is no need to upgrade from 2.06 to 2.07.

Cheers,
Fyodor

--
Fyodor                            'finger pgp () www insecure org | pgp -fka'
Frustrated by firewalls?          Try nmap: http://www.insecure.org/nmap/
The cow is quick.  The cow is intelligent.  The cow has learned to
recognize our truck. --Raman Kumar Sharma, New Delhi chief cow catcher
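
The failure described in the message above, as an added example that is not nmap's code and not the fix shipped in 2.07. Assumptions: rand15() is a constructed stand-in for a 15-bit rand(), the word-per-call fill is a hypothetical reconstruction of the pattern the report describes, and the byte-wise fill is one possible way to avoid it.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-in for a libc rand() limited to 0..(2^15)-1. */
static int rand15(uint32_t *state) {
    *state = *state * 1103515245u + 12345u;
    return (int)((*state >> 16) & 0x7fff);
}

/* Hypothetical naive fill: one rand() result per 32-bit word, so the
 * upper 16 bits of every word stay zero. */
static void fill_naive(uint32_t *pool, size_t n, uint32_t seed) {
    for (size_t i = 0; i < n; i++) pool[i] = (uint32_t)rand15(&seed);
}

/* Byte-wise fill: keep 8 bits per call, so no region of the pool is
 * zero by construction, however narrow the generator is. */
static void fill_bytewise(uint8_t *pool, size_t n, uint32_t seed) {
    for (size_t i = 0; i < n; i++) pool[i] = (uint8_t)(rand15(&seed) >> 7);
}

/* Bounded version of `while(!id) id = ...` reading the upper half of
 * each word. Returns 0 when the pool is exhausted without a non-zero
 * value, which is where an unbounded loop would spin forever. */
static uint16_t id_from_upper_halves(const uint32_t *pool, size_t n) {
    for (size_t i = 0; i < n; i++) {
        uint16_t id = (uint16_t)(pool[i] >> 16);
        if (id) return id;
    }
    return 0;
}

/* Same bounded loop over a byte-wise pool, two bytes per candidate. */
static uint16_t id_from_bytes(const uint8_t *pool, size_t n) {
    for (size_t i = 0; i + 1 < n; i += 2) {
        uint16_t id = (uint16_t)((pool[i] << 8) | pool[i + 1]);
        if (id) return id;
    }
    return 0;
}

int main(void) {
    uint32_t words[16];
    uint8_t bytes[64];
    fill_naive(words, 16, 1);
    fill_bytewise(bytes, 64, 1);
    printf("naive upper-half id: %u\n", (unsigned)id_from_upper_halves(words, 16));
    printf("byte-wise id:        %u\n", (unsigned)id_from_bytes(bytes, 64));
    return 0;
}
```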



