0001606: zcip random number seeding too predictable

BusyBox Bug and Patch Tracking

Viewing Issue Simple Details [ Jump to Notes ]

[ View Advanced ] [ Issue History ] [ Print ]

Category

Severity

Reproducibility

Date Submitted

Last Update

0001606

[BusyBox] Networking Support

minor

sometimes

11-25-07 00:09

11-25-07 04:54

Reporter

icl

View Status

public

Assigned To

BusyBox

Priority

normal

Resolution

fixed

Status

closed

Product Version

1.4.x

Summary

0001606: zcip random number seeding too predictable

Description

Due to a recent change, the random number in zcip is being seeded with the first 4 bytes of the ethernet address (previously, srand48 was being used, and the full ethernet address was used to seed the random number generator).

Now, the first 3 bytes of an ethernet address is the vendor ID, and the last 3 ones are typically assigned sequentially by the manufacturer.

So if busybox zcip is being used on multiple identical devices on the same network, the chance of the first 4 bytes of the mac address being identical is actually quite high.

Suggest to use the last 4 bytes instead (while still not as good as using all 6 bytes, it certainly is much better than the current approach).

Note that for alignment reasons, this means that some byte or uint16 copying will be necessary, but the performance impact of this is negligable, as it is just required once at zcip startup.

Additional Information

Attached Files

Relationships

Notes
(0002959) vda 11-25-07 04:54	Fixed in svn, thanks for the report.

Issue History
Date Modified	Username	Field	Change
11-25-07 00:09	icl	New Issue
11-25-07 00:09	icl	Status	new => assigned
11-25-07 00:09	icl	Assigned To	=> BusyBox
11-25-07 04:54	vda	Status	assigned => closed
11-25-07 04:54	vda	Note Added: 0002959
11-25-07 04:54	vda	Resolution	open => fixed