uClibc-20060529-arc4_mktemp-1.patch [^] (4,976 bytes) 05-29-06 02:58 uClibc-20070619-arc4.diff [^] (13,182 bytes) 06-19-07 20:09 
| Anonymous | Login | Signup for a new account | 11-10-2008 11:02 PST |
| Main | My View | View Issues | Change Log | Docs |
| Viewing Issue Simple Details [ Jump to Notes ] | [ View Advanced ] [ Issue History ] [ Print ] | |||||||||||
| ID | Category | Severity | Reproducibility | Date Submitted | Last Update | |||||||
| 0000885 | [uClibc] Security | feature | N/A | 05-29-06 02:58 | 06-19-07 20:10 | |||||||
| Reporter | ashes | View Status | public | |||||||||
| Assigned To | uClibc | |||||||||||
| Priority | normal | Resolution | open | |||||||||
| Status | assigned | Product Version | ||||||||||
| Summary | 0000885: arc4random in mktemp | |||||||||||
| Description | I have attached a patch to configure mktemp(3) to use the arc4random function. While I was at it I fixed some of the SSP grammar. | |||||||||||
| Additional Information | ||||||||||||
| Attached Files |
uClibc-20060529-arc4_mktemp-1.patch [^] (4,976 bytes) 05-29-06 02:58 uClibc-20070619-arc4.diff [^] (13,182 bytes) 06-19-07 20:09 |
|||||||||||
|
|
||||||||||||
 Relationships |
|
|
Notes |
|
|
(0001404) ashes 06-05-06 21:44 |
I uploaded too soon, again. Please wait while I go noodle with a new patch. I have #ifdef'd around inlining problems with gcc3 and arc4random.c; added ifdefs to make arc4random.c portable to uClibc, glibc, and standalone; and added all kinds of menu options for erandom. I made menu choice options to give priority's to /dev/erandom and sysctl erandom in case both are enabled; and another choice option for mktemp in case both /dev/erandom and arc4random are enabled. I've also decided to eliminate the sysctl loop for erandom (which you may or may not remember in the old ssp.c), in light of a new erandom kernel patch which provides 256 byte values (instead of 16 byte). This saves multiple sysctl calls. I also want to verify intel-cc is happy with arc4random.c. |
|
(0002490) ashes 06-19-07 20:10 |
So anyway. Attached is an updated patch. Uses a character array now, with better use of uninitialized variables if it comes down to that. Nicer copyright, from upstream. Added a manual page and a simple test. -Wall -Wformat=2 -W -Wextra gcc41 friendly. There is a new function __arc4_getbyte(), commented out, which is being used by openbsd in malloc.c. It may not be very useless in Linux, because openbsd depends solely on sysctl arandom for entropy, while in Linux sysctl is being phased out of kernel26 so we need to use /dev/urandom and use backup routines if we're in a chroot. So.. __arc4_getbyte() might be too heavy for malloc(), in Linux. I also added a config option to not use /dev/urandom, for headless systems. |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 05-29-06 02:58 | ashes | New Issue | |
| 05-29-06 02:58 | ashes | Status | new => assigned |
| 05-29-06 02:58 | ashes | Assigned To | => uClibc |
| 05-29-06 02:58 | ashes | File Added: uClibc-20060529-arc4_mktemp-1.patch | |
| 05-29-06 03:00 | ashes | Issue Monitored: ashes | |
| 06-05-06 21:44 | ashes | Note Added: 0001404 | |
| 06-19-07 20:09 | ashes | File Added: uClibc-20070619-arc4.diff | |
| 06-19-07 20:10 | ashes | Note Added: 0002490 | |
| Copyright © 2000 - 2006 Mantis Group |  |
