]> git.ipfire.org Git - thirdparty/snort3.git/commitdiff
Merge pull request #2503 in SNORT/snort3 from ~OKHOMIAK/snort3:ipv4_codec_seed_fix...
authorBhagya Tholpady (bbantwal) <bbantwal@cisco.com>
Thu, 8 Oct 2020 18:54:13 +0000 (18:54 +0000)
committerBhagya Tholpady (bbantwal) <bbantwal@cisco.com>
Thu, 8 Oct 2020 18:54:13 +0000 (18:54 +0000)
Squashed commit of the following:

commit e78a4bc6b5663229ec919a626ad8c942c0d3734e
Author: Oleksii Khomiakovskyi <okhomiak@cisco.com>
Date:   Mon Sep 28 11:54:51 2020 +0300

    utils: add a generic function to get random seeds

    If std::random_device fails with an exception,
    the system clock is used as an alternative source.

src/codecs/ip/cd_ipv4.cc
src/stream/flush_bucket.cc
src/utils/util.cc
src/utils/util.h

index 41cb8466283c8349bbc2c8a2c316cb77a62ae6d6..3d63e9ac4627302ccf3cecac2e4d0f07e8a985a8 100644 (file)
@@ -38,6 +38,7 @@
 #include "protocols/ipv4_options.h"
 #include "protocols/tcp.h"
 #include "sfip/sf_ipvar.h"
+#include "utils/util.h"
 
 #include "checksum.h"
 
@@ -742,13 +743,7 @@ static void ipv4_codec_gterm()
 
 static void ipv4_codec_tinit()
 {
-    std::random_device rd; // for a good seed
-    auto id = rd();
-
-    if (SnortConfig::static_hash())
-        id = 1;
-
-    thread_rand = new std::mt19937(id);
+    thread_rand = new std::mt19937(SnortConfig::static_hash() ? 1 : get_random_seed());
 }
 
 static void ipv4_codec_tterm()
index c1d4195f5fb6ae85f8da4752008ad443969b6aca..bb8d8427197c093417cf13e31f2372c96fde6111 100644 (file)
@@ -27,6 +27,7 @@
 #include <random>
 
 #include "main/snort_config.h"
+#include "utils/util.h"
 
 using namespace snort;
 
@@ -114,8 +115,7 @@ StaticFlushBucket::StaticFlushBucket()
 
 RandomFlushBucket::RandomFlushBucket()
 {
-    std::random_device random_dev;
-    std::default_random_engine generator(random_dev());
+    std::default_random_engine generator(get_random_seed());
     std::uniform_int_distribution<int> distribution(128, 255);
 
     for ( int i = 0; i < NUM_FLUSH_POINTS; i++ )
index 2c4208038832deb699e0c3d7922afdfbe470c455..e6c02ac0f7286cbeeb5ae4fd294d9d21db31ab25 100644 (file)
@@ -53,7 +53,9 @@ extern "C" {
 #include <daq.h>
 }
 
+#include <chrono>
 #include <fstream>
+#include <random>
 
 #include "log/messages.h"
 #include "main/build.h"
@@ -459,6 +461,19 @@ bool EnterChroot(std::string& root_dir, std::string& log_dir)
     return true;
 }
 
+unsigned int get_random_seed()
+{
+    unsigned int seed;
+
+    try {
+        seed = std::random_device{}();
+    } catch ( const std::exception& ) {
+        seed = std::chrono::system_clock::now().time_since_epoch().count();
+    }
+
+    return seed;
+}
+
 #if defined(NOCOREFILE)
 void SetNoCores()
 {
index ab439d91da35bbcfa41e67ba46dac2a401daa385..6489ea1b453ea5c3b96f13538af7fc8bb762e0a1 100644 (file)
@@ -54,6 +54,7 @@ bool SetUidGid(int, int);
 void InitGroups(int, int);
 bool EnterChroot(std::string& root_dir, std::string& log_dir);
 void InitProtoNames();
+unsigned int get_random_seed();
 
 #if defined(NOCOREFILE)
 void SetNoCores();