530f91a42307f33c9dd43a7d0c802b3fa469beec
Author: Rainer Gerhards <[email protected]>
Date: Tue Feb 2 15:51:52 2016 +0100
prevent a clang static analyzer warning
The static analyzer correctly complains about "garbagge
value being used", but this is exactly what we want. The
code in question is a fallback when we cannot obtain any
other source of randomness for cryptography needs.
If there is absolutely no source of randomness, cryptography should abort, not
use whatever value happens to be in ram (which should be 0)
If urandom isn't available, abort with a clear message that access to it is
required, don't silently use garbage to initialize the cryptography.
David Lang
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE
THAT.
