diff options
author | Yasuhiro Matsumoto <mattn.jp@gmail.com> | 2022-12-05 21:55:55 +0000 |
---|---|---|
committer | Bram Moolenaar <Bram@vim.org> | 2022-12-05 21:55:55 +0000 |
commit | f0a9c004825ab686270ee57260652cce25e61049 (patch) | |
tree | e1e2abb369c58ae0057276158931822f8d39f5e6 /src/evalfunc.c | |
parent | 25201016d5043954689a4c9f7833935294149404 (diff) |
patch 9.0.1015: without /dev/urandom srand() seed is too predictablev9.0.1015
Problem: Without /dev/urandom srand() seed is too predictable.
Solution: Use micro seconds and XOR with process ID. (Yasuhiro Matsumoto,
closes #11656)
Diffstat (limited to 'src/evalfunc.c')
-rw-r--r-- | src/evalfunc.c | 27 |
1 files changed, 25 insertions, 2 deletions
diff --git a/src/evalfunc.c b/src/evalfunc.c index 0b2ba00b6e..428c4cb2b2 100644 --- a/src/evalfunc.c +++ b/src/evalfunc.c @@ -8159,9 +8159,32 @@ init_srand(UINT32_T *x) } } if (dev_urandom_state != OK) - // Reading /dev/urandom doesn't work, fall back to time(). #endif - *x = vim_time(); + { + // Reading /dev/urandom doesn't work, fall back to: + // - randombytes_random() + // - reltime() or time() + // - XOR with process ID +#if defined(FEAT_SODIUM) + if (sodium_init() >= 0) + *x = randombytes_random(); + else +#endif + { +#if defined(FEAT_RELTIME) + proftime_T res; + profile_start(&res); +# if defined(MSWIN) + *x = (UINT32_T)res.LowPart; +# else + *x = (UINT32_T)res.tv_usec; +# endif +#else + *x = vim_time(); +#endif + *x ^= mch_get_pid(); + } + } } #define ROTL(x, k) (((x) << (k)) | ((x) >> (32 - (k)))) |