blob: 01fb6d1f7301e9dfe93fdbdc9bc393bd417685f8 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
|
commit 406bc7d04fa085667b86276d65ddaa8ca47a28e0
Author: Narrat <autumn-wind@web.de>
Date: Tue Apr 4 02:08:02 2017 +0200
Avoid using a time based seed for srand
Knowing the time would made it possible to replicate the generated password(s).
Still the pseudeo rng should be replaced
diff --git a/src/correcthorse.c b/src/correcthorse.c
index 506e8db..46b1995 100644
--- a/src/correcthorse.c
+++ b/src/correcthorse.c
@@ -15,6 +15,7 @@
#include <time.h>
#include <string.h>
#include <ctype.h>
+#include <sys/random.h>
#ifdef _GNU_SOURCE
#include <getopt.h>
@@ -31,10 +32,16 @@ static void print_version(char *argv0);
static size_t rand_index(size_t n)
{
static int seed = 0;
+ long seed_feed[1];
+ int ret=0;
if (!seed)
{
- srand(time(NULL));
+ ret = getrandom(seed_feed, sizeof(long), 0);
+ if (ret <= 0) {
+ printf("Error: Something went wrong. If passwords got generated avoid using them\n");
+ }
+ srand(*seed_feed);
seed = 1;
}
|