patch 9.0.1015: without /dev/urandom srand() seed is too predictablev9.0.1015

Problem: Without /dev/urandom srand() seed is too predictable. Solution: Use micro seconds and XOR with process ID. (Yasuhiro Matsumoto, closes #11656)
author: Yasuhiro Matsumoto <mattn.jp@gmail.com> 2022-12-05 21:55:55 +0000
committer: Bram Moolenaar <Bram@vim.org> 2022-12-05 21:55:55 +0000
commit: f0a9c004825ab686270ee57260652cce25e61049 (patch)
tree: e1e2abb369c58ae0057276158931822f8d39f5e6 /src/evalfunc.c
parent: 25201016d5043954689a4c9f7833935294149404 (diff)
1 files changed, 25 insertions, 2 deletions
diff --git a/src/evalfunc.c b/src/evalfunc.c
index 0b2ba00b6e..428c4cb2b2 100644
--- a/src/evalfunc.c
+++ b/src/evalfunc.c
@@ -8159,9 +8159,32 @@ init_srand(UINT32_T *x)
 	}
     }
     if (dev_urandom_state != OK)
-	// Reading /dev/urandom doesn't work, fall back to time().
 #endif
-	*x = vim_time();
+    {
+	// Reading /dev/urandom doesn't work, fall back to:
+	// - randombytes_random()
+	// - reltime() or time()
+	// - XOR with process ID
+#if defined(FEAT_SODIUM)
+	if (sodium_init() >= 0)
+	    *x = randombytes_random();
+	else
+#endif
+	{
+#if defined(FEAT_RELTIME)
+	    proftime_T res;
+	    profile_start(&res);
+#  if defined(MSWIN)
+	    *x = (UINT32_T)res.LowPart;
+#  else
+	    *x = (UINT32_T)res.tv_usec;
+#  endif
+#else
+	    *x = vim_time();
+#endif
+	    *x ^= mch_get_pid();
+	}
+    }
 }
 
 #define ROTL(x, k) (((x) << (k)) | ((x) >> (32 - (k))))
author	Yasuhiro Matsumoto <mattn.jp@gmail.com>	2022-12-05 21:55:55 +0000
committer	Bram Moolenaar <Bram@vim.org>	2022-12-05 21:55:55 +0000
commit	f0a9c004825ab686270ee57260652cce25e61049 (patch)
tree	e1e2abb369c58ae0057276158931822f8d39f5e6 /src/evalfunc.c
parent	25201016d5043954689a4c9f7833935294149404 (diff)