On 3/14/19 2:43 PM, Philippe Mathieu-Daudé wrote:
> On 3/14/19 4:39 PM, Daniel P. Berrangé wrote:
>> On Wed, Mar 13, 2019 at 09:55:19PM -0700, Richard Henderson wrote:
>>> static void make_challenge(VncState *vs)
>>> {
>>> - int i;
>>> -
>>> - srand(time(NULL)+getpid()+getpid()*987654+rand());
>>> -
>>> - for (i = 0 ; i < sizeof(vs->challenge) ; i++)
>>> - vs->challenge[i] = (int) (256.0*rand()/(RAND_MAX+1.0));
>>> + qcrypto_random_bytes(vs->challenge, sizeof(vs->challenge),
>>> &error_fatal);
>>> }
>>
>> Old code would not fail, but the new code can. So make_challenge needs
>> to return an error to the caller, which must then drop the client conn.
>
> Is the old code equivalent to using a NULL errp?
>
> qcrypto_random_bytes(vs->challenge, sizeof(vs->challenge), NULL);
No, since it doesn't initialize challenge to anything.
Daniel is right that I must do more to fail the session.
Will be done in v3.
r~
