On Tue, Jan 28, 2014 at 12:27:14PM +0100, Lennart Poettering wrote:
> On Mon, 27.01.14 20:17, Zbigniew Jędrzejewski-Szmek
> (zbys...@kemper.freedesktop.org) wrote:
> > +int mkostemp_safe(char *pattern, int flags) {
> > + char *s = pattern + strlen(pattern) - 6;
>
> I don't really like mixing function calls into variable declarations... :-(
>
> > + uint64_t tries = TMP_MAX;
> > + int randfd, fd, i;
> > +
> > + assert(streq(s, "XXXXXX"));
> > +
> > + randfd = open("/dev/urandom", O_RDONLY);
> > + if (randfd < 0)
> > + return -ENOSYS;
>
> There's random_bytes() already, which is similar to this... It might
> make sense to use that here, maybe with an additional argument that
> tells it to never fallback to PRNG.
It presumably also doesn't leak the file descriptor for randfd.
_______________________________________________
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
