Further to previous comments...
Martin Storsjö <[email protected]> writes:
> static uint32_t get_generic_seed(void)
> {
> + uint8_t tmp[120];
> + struct AVSHA *sha = (void*) tmp;
> clock_t last_t = 0;
POSIX reserves names in the *_t namespace.
> - int bits = 0;
> - uint64_t random = 0;
> - unsigned i;
> - float s = 0.000000000001;
> + static uint64_t i = 0;
> + static uint32_t buffer[512] = { 0 };
> + uint8_t digest[32];
> + uint64_t last_i = i;
>
> - for (i = 0; bits < 64; i++) {
> + assert(sizeof(tmp) >= av_sha_size);
> + for (;;) {
> clock_t t = clock();
> +
> + if (last_t == t) {
> + buffer[i & 511]++;
> + } else {
> + buffer[++i & 511] += (t - last_t) % 3294638521U;
> + if (last_i && i - last_i > 4 || i - last_i > 64)
> + break;
> }
> last_t = t;
> }
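Review bot: the break condition `if (last_i && i - last_i > 4 || i - last_i > 64)` relies on `&&` binding tighter than `||`, so it reads as `(last_i && i - last_i > 4) || (i - last_i > 64)`; if that is the intent, please add the parentheses so the two different thresholds (4 ticks on later calls, 64 on the first, when `last_i` is still 0) are visible, and gcc will otherwise warn about it. Note also that `i` and `buffer` are now `static`, so two threads calling this function concurrently race on them; either document that the caller must serialise, or keep the state local as the old `unsigned i` was.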
clock() returns the CPU time used by the current process in
microseconds, although the actual resolution is unspecified and is
typically nowhere near that accurate. Thus (t - last_t) will always be
whatever actual resolution the system uses.
Furthermore, since a program is likely to call this function at the same
point in every execution, the CPU time it has used when this happens can
hardly be considered random.
All in all, this dance looks very poor in terms of entropy gathering.
> -#ifdef AV_READ_TIME
> - random ^= AV_READ_TIME();
> -#else
> - random ^= clock();
> -#endif
> -
> - random += random >> 32;
>
> - return random;
> + av_sha_init(sha, 160);
> + av_sha_update(sha, (uint8_t*) buffer, sizeof(buffer));
> + av_sha_final(sha, digest);
> + return AV_RB32(digest) + AV_RB32(digest + 32);
This reads outside the buffer.
> }
>
> uint32_t av_get_random_seed(void)
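Review bot: `assert(sizeof(tmp) >= av_sha_size)` is the only guard on `struct AVSHA *sha = (void*) tmp;`, and it compiles out under NDEBUG, so a build where the context exceeds 120 bytes overflows the stack buffer silently; a `uint8_t` array also carries no alignment guarantee for the struct. Use a DECLARE_ALIGNED buffer with a compile-time size check, or obtain the context from the library allocator. Separately, `av_sha_init(sha, 160)` produces a 20-byte digest, so only `digest[0..19]` are defined and the `AV_RB32(digest + 32)` term adds uninitialised data even before the out-of-bounds read; and the new code drops the `AV_READ_TIME()` mixing the old version had, which was its highest-resolution input.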
> --
> 1.7.9.5
>
--
Måns Rullgård
[email protected]
_______________________________________________
libav-devel mailing list
[email protected]
https://lists.libav.org/mailman/listinfo/libav-devel