From: Oliver Kurth
Date: Wed, 30 Oct 2019 18:18:23 +0000 (-0700)
Subject: Fix issue reported by Coverity scan in deployPkg
X-Git-Tag: stable-11.1.0~170
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=00c27c23b848b08548a37e2439f4b5a1b3e6d98e;p=thirdparty%2Fopen-vm-tools.git

Fix issue reported by Coverity scan in deployPkg

rand() should not be used for security-related applications, because linear congruential algorithms are too easy to break. Use a compliant random number generator, such as /dev/random or /dev/urandom on Unix-like systems, and CNG (Cryptography API: Next Generation) on Windows.
---
diff --git a/open-vm-tools/services/plugins/deployPkg/deployPkg.c b/open-vm-tools/services/plugins/deployPkg/deployPkg.c
index 8735cb6c4..449ad093c 100644
--- a/open-vm-tools/services/plugins/deployPkg/deployPkg.c
+++ b/open-vm-tools/services/plugins/deployPkg/deployPkg.c
@@ -32,6 +32,7 @@
 #endif
 #include "file.h"
+#include "random.h"
 #include "str.h"
 #include "util.h"
 #include "unicodeBase.h"
@@ -361,6 +362,7 @@ DeployPkgGetTempDir(void)
 char *dir = NULL;
 char *newDir = NULL;
 Bool found = FALSE;
+ int randIndex;
 #ifndef _WIN32
 /*
 * PR 2115630. On Linux, use /var/run or /run directory
@@ -396,8 +398,12 @@ DeployPkgGetTempDir(void)
 /* Make a temporary directory to hold the package. */
 while (!found && i < 10) {
 free(newDir);
+ if (!Random_Crypto(sizeof(randIndex), &randIndex)) {
+ g_warning("%s: Random_Crypto failed\n", __FUNCTION__);
+ goto exit;
+ }
 newDir = Str_Asprintf(NULL, "%s%s%08x%s",
- dir, DIRSEPS, rand(), DIRSEPS);
+ dir, DIRSEPS, randIndex, DIRSEPS);
 if (newDir == NULL) {
 g_warning("%s: Str_Asprintf failed\n", __FUNCTION__);
 goto exit;
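Review bot: The new `randIndex` argument to `Str_Asprintf` is formatted with `%08x`, which expects an `unsigned int`, yet the variable is declared `int randIndex;` in the preceding hunk at line 362; the previous `rand()` call at least returned a non-negative value, whereas a fully random 32-bit pattern now has its sign bit set half the time. Declaring it `unsigned int randIndex;` keeps the conversion and the argument type in agreement, and since `Random_Crypto` is called with `sizeof(randIndex)` and a pointer it appears to fill the object byte-wise, so no other line needs to change. The `goto exit` on `Random_Crypto` failure mirrors the existing `Str_Asprintf` failure path, which is consistent. `DeployPkgGetTempDir` begins and ends outside the hunk, so whether `exit` releases `newDir` and `dir` cannot be confirmed from here.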