diff options
Diffstat (limited to 'seed.patch')
-rw-r--r-- | seed.patch | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/seed.patch b/seed.patch new file mode 100644 index 000000000000..01fb6d1f7301 --- /dev/null +++ b/seed.patch @@ -0,0 +1,39 @@ +commit 406bc7d04fa085667b86276d65ddaa8ca47a28e0 +Author: Narrat <autumn-wind@web.de> +Date: Tue Apr 4 02:08:02 2017 +0200 + + Avoid using a time based seed for srand + + Knowing the time would made it possible to replicate the generated password(s). + Still the pseudeo rng should be replaced + +diff --git a/src/correcthorse.c b/src/correcthorse.c +index 506e8db..46b1995 100644 +--- a/src/correcthorse.c ++++ b/src/correcthorse.c +@@ -15,6 +15,7 @@ + #include <time.h> + #include <string.h> + #include <ctype.h> ++#include <sys/random.h> + + #ifdef _GNU_SOURCE + #include <getopt.h> +@@ -31,10 +32,16 @@ static void print_version(char *argv0); + static size_t rand_index(size_t n) + { + static int seed = 0; ++ long seed_feed[1]; ++ int ret=0; + + if (!seed) + { +- srand(time(NULL)); ++ ret = getrandom(seed_feed, sizeof(long), 0); ++ if (ret <= 0) { ++ printf("Error: Something went wrong. If passwords got generated avoid using them\n"); ++ } ++ srand(*seed_feed); + seed = 1; + } + |