On Tue, 28.01.14 11:43, Richard Maw (richard....@codethink.co.uk) wrote:
> On Tue, Jan 28, 2014 at 12:27:14PM +0100, Lennart Poettering wrote:
> > On Mon, 27.01.14 20:17, Zbigniew Jędrzejewski-Szmek
> > (zbys...@kemper.freedesktop.org) wrote:
> > > +int mkostemp_safe(char *pattern, int flags) {
> > > + char *s = pattern + strlen(pattern) - 6;
> >
> > I don't really like mixing function calls into variable declarations... :-(
> >
> > > + uint64_t tries = TMP_MAX;
> > > + int randfd, fd, i;
> > > +
> > > + assert(streq(s, "XXXXXX"));
> > > +
> > > + randfd = open("/dev/urandom", O_RDONLY);
> > > + if (randfd < 0)
> > > + return -ENOSYS;
> >
> > There's random_bytes() already, which is similar to this... It might
> > make sense to use that here, maybe with an additional argument that
> > tells it to never fallback to PRNG.
>
> It presumably also doesn't leak the file descriptor for randfd.
Fixed in git.
Lennart
--
Lennart Poettering, Red Hat
_______________________________________________
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
