diff options
author | Adhemerval Zanella <adhemerval.zanella@linaro.org> | 2019-07-25 11:22:17 -0300 |
---|---|---|
committer | Adhemerval Zanella <adhemerval.zanella@linaro.org> | 2019-08-01 08:09:08 -0300 |
commit | e1df30fbc2e2167a982c0e77a7ebee28f4dd0800 (patch) | |
tree | 3803d6ed28b9ddbcf64baf3f46565489ee8484d0 | |
parent | 0b8c2f95df589c9c1ad25312475049bcc7ed7059 (diff) | |
download | glibc-e1df30fbc2e2167a982c0e77a7ebee28f4dd0800.tar.gz glibc-e1df30fbc2e2167a982c0e77a7ebee28f4dd0800.tar.xz glibc-e1df30fbc2e2167a982c0e77a7ebee28f4dd0800.zip |
Get new entropy on each attempt __gen_tempname (BZ #15813)
This is missing bit for fully fix BZ#15813 (the other two were fixed by 359653aaacad463). Checked on x86_64-linux-gnu. [BZ #15813] sysdeps/posix/tempname.c (__gen_tempname): get entrypy on each attempt.
-rw-r--r-- | ChangeLog | 6 | ||||
-rw-r--r-- | sysdeps/posix/tempname.c | 13 |
2 files changed, 12 insertions, 7 deletions
diff --git a/ChangeLog b/ChangeLog index cdb9e14881..17918a129c 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,9 @@ +2019-08-01 Adhemerval Zanella <adhemerval.zanella@linaro.org> + + [BZ #15813] + sysdeps/posix/tempname.c (__gen_tempname): get entropy on each + attempt. + 2019-08-01 Carlos O'Donell <carlos@redhat.com> * version.h (RELEASE): Set to "stable". diff --git a/sysdeps/posix/tempname.c b/sysdeps/posix/tempname.c index de346949b2..310df3c4ca 100644 --- a/sysdeps/posix/tempname.c +++ b/sysdeps/posix/tempname.c @@ -186,7 +186,6 @@ __gen_tempname (char *tmpl, int suffixlen, int flags, int kind) { int len; char *XXXXXX; - uint64_t value; unsigned int count; int fd = -1; int save_errno = errno; @@ -218,13 +217,13 @@ __gen_tempname (char *tmpl, int suffixlen, int flags, int kind) /* This is where the Xs start. */ XXXXXX = &tmpl[len - 6 - suffixlen]; - /* Get some more or less random data. */ - RANDOM_BITS (value); - value ^= (uint64_t)__getpid () << 32; - - for (count = 0; count < attempts; value += 7777, ++count) + uint64_t pid = (uint64_t) __getpid () << 32; + for (count = 0; count < attempts; ++count) { - uint64_t v = value; + uint64_t v; + /* Get some more or less random data. */ + RANDOM_BITS (v); + v ^= pid; /* Fill in the random bits. */ XXXXXX[0] = letters[v % 62]; |