From 19f39728a0800bee64e54b5abfff555714a77f46 Mon Sep 17 00:00:00 2001 From: Alberto Leiva Popper Date: Wed, 3 Jul 2024 12:26:59 -0600 Subject: [PATCH] rand_r(): Separate seed and random number Enforces originally intended usage of rand_r()'s API. Mostly just paranoia, maybe. --- src/object/manifest.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/src/object/manifest.c b/src/object/manifest.c index 779d2f40..bee421ce 100644 --- a/src/object/manifest.c +++ b/src/object/manifest.c @@ -194,13 +194,13 @@ build_rpp(struct Manifest *mft, struct rpki_uri *notif, struct rpki_uri *mft_uri, struct rpp **pp) { char const *tal; - int i, j; + unsigned int i, j; struct FileAndHash *fah, *tmpfah; struct rpki_uri *uri; int error; - unsigned int rnd; + unsigned int seed, rnd; - rnd = time(NULL) ^ getpid(); + seed = time(NULL) ^ getpid(); *pp = rpp_create(); @@ -208,7 +208,7 @@ build_rpp(struct Manifest *mft, struct rpki_uri *notif, /* Fisher-Yates shuffle with modulo bias */ for (i = 0; i < mft->fileList.list.count - 1; i++) { - rnd = rand_r(&rnd); + rnd = rand_r(&seed); j = i + rnd % (mft->fileList.list.count - i); tmpfah = mft->fileList.list.array[j]; mft->fileList.list.array[j] = mft->fileList.list.array[i]; -- 2.47.3