Re: [gdm-list] Security?



Mike Oliver wrote:
Ray Strode wrote:
Hi,

If it isn't clear (it seems like it's not from your responses) I'm not
tied to the g_rand_* apis at all, though.  I'm in the process of
rewriting the code to use /dev/urandom.
I just committed this patch to subversion:

http://www.gnome.org/~halfline/urandom.patch

In _read_bytes(), the variable 'bytes_left_to_read' is never
initialised.  You need something like:

-    size_t bytes_left_to_read;
+    size_t bytes_left_to_read = number_of_bytes;

Also, gdm_generate_random_bytes() leaks a file descriptor on
every successful open() of /dev/urandom, which on a working
system will be every time the function is called.

Mike.
--
mike oliver sun com
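
The two defects named in the message above (a read loop whose remaining-byte counter starts uninitialised, and a descriptor that is never closed after a successful open()) can be seen corrected in the following sketch. It is an added example, not the GDM patch or code from either poster; the function names read_bytes and random_bytes_from, their signatures, and the path parameter are assumptions made for illustration.

```c
/* Added example: hypothetical helpers, not the code from urandom.patch. */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>

/* Read exactly number_of_bytes from fd; 0 on success, -1 on error or EOF. */
static int read_bytes(int fd, unsigned char *buf, size_t number_of_bytes)
{
    size_t bytes_left_to_read = number_of_bytes; /* initialised before use */

    while (bytes_left_to_read > 0) {
        ssize_t n = read(fd, buf + (number_of_bytes - bytes_left_to_read),
                         bytes_left_to_read);
        if (n < 0) {
            if (errno == EINTR)
                continue;          /* interrupted by a signal: retry */
            return -1;
        }
        if (n == 0)
            return -1;             /* EOF before the buffer was filled */
        bytes_left_to_read -= (size_t)n;  /* short reads just loop again */
    }
    return 0;
}

/* Fill buf from the device at path (a parameter here so it can be tested). */
static int random_bytes_from(const char *path, unsigned char *buf, size_t len)
{
    int fd = open(path, O_RDONLY);
    if (fd < 0)
        return -1;
    int rc = read_bytes(fd, buf, len);
    close(fd);                     /* closed on success and on failure */
    return rc;
}

int main(void)
{
    unsigned char cookie[16];
    if (random_bytes_from("/dev/urandom", cookie, sizeof cookie) != 0) {
        perror("random_bytes_from");
        return 1;
    }
    for (size_t i = 0; i < sizeof cookie; i++)
        printf("%02x", cookie[i]);
    putchar('\n');
    return 0;
}
```

Returning an error instead of a partially filled buffer matters here because the caller would otherwise use whatever was on the stack as key material.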

