One problem with substituting strfry() with arc4random() is that with strfry() I think the input and output are always the same length. This could be causing the crashes. I'll look again at the strfry() routine because I think arc4random() can still be used, but I will need test programs/packages to verify. I thought strfry() was a cheap substitute for entropy, but it might be a little more than that.
robert
On Sunday April 27 2008 08:54:40 pm Robert Connolly wrote:
> The intention was to use high quality randomness whereever possible. Do you
> see any way arc4random() can continue to be used? Do you have a test
> program for strfry() so I can test this?
>
> robert
>
> On Sunday April 27 2008 04:34:25 am [EMAIL PROTECTED] wrote:
> > Hi robert,
> >
> > I was reading Glibc patches and found this part:
> >
> > char *
> > strfry (char *string)
> > {
> > ...
> > - return string;
> > + return (char)arc4random();
> > }
> >
> > If you look into manual page or read the deleted code, you may get what
> > is wrong. The strfry() function randomizes the contents of string by
> > using rand(3) to randomly swap characters in the string. The result is an
> > anagram of string. Anagram. Swapped characters. Not to mention that given
> > code will return random character instead of string, which will segfault
> > anything using strfry. Accidentally, strfry is such an exotic thing
> > nobody actually uses it.
> >
> > So, please, just remove that part of the patch. And do not try to use
> > arc4random to generate randomness for swapping. rand(3) is assumed to
> > return same results with the same seed on, at least, the very same
> > machine.
> >
> > Have a nice day.
> > - Mordae
pgp50XVlro2uN.pgp
Description: PGP signature
-- http://linuxfromscratch.org/mailman/listinfo/hlfs-dev FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page
