app-layer-htp, stream-tcp: prevent modulo bias in RandomGetWrap()

RAND_MAX is not guaranteed to be a divisor of ULONG_MAX, so take the
necessary precautions to get unbiased random numbers. Although the
bias might be negligible, it's not advisable to rely on it.

diff --git a/src/app-layer-htp.c b/src/app-layer-htp.c
index d8a33088563fd981b25d1ef5fd7dfb740a00a237..b81b557eb4aa3a52e48a22d1f0868cb0edffa9aa 100644 (file)
--- a/src/app-layer-htp.c
+++ b/src/app-layer-htp.c
@@ -2213,9 +2213,13 @@ static void HTPConfigSetDefaultsPhase1(HTPCfgRec *cfg_prec)
  */
 static int RandomGetWrap(void)
 {
-    long int r = RandomGet();
-    int r_int = r % (long int)RAND_MAX;
-    return abs(r_int);
+    unsigned long r;
+
+    do {
+        r = RandomGet();
+    } while(r >= ULONG_MAX - (ULONG_MAX % RAND_MAX));
+
+    return r % RAND_MAX;
 }
 
 /*

diff --git a/src/stream-tcp.c b/src/stream-tcp.c
index ae4379f35553db84c3f9cda1ddbc748ae0d97a46..20a73fcd35b05a584dcddc0dbeeea51babb7ffbd 100644 (file)
--- a/src/stream-tcp.c
+++ b/src/stream-tcp.c
@@ -317,9 +317,13 @@ int StreamTcpInlineDropInvalid(void)
  */
 static int RandomGetWrap(void)
 {
-    long int r = RandomGet();
-    int r_int = r % (long int)RAND_MAX;
-    return abs(r_int);
+    unsigned long r;
+
+    do {
+        r = RandomGet();
+    } while(r >= ULONG_MAX - (ULONG_MAX % RAND_MAX));
+
+    return r % RAND_MAX;
 }
 
 /** \brief          To initialize the stream global configuration data