vlc | branch: master | Rémi Denis-Courmont <[email protected]> | Sat Sep 21 11:33:44 2019 +0300| [6e6448aa809713402afa0c7409cdf206431bbaf7] | committer: Rémi Denis-Courmont
text: fix bias in vlc_mkstemp() Make the cardinal of the random characters set a power of two so that the random number division does not bias toward certain character. Also use ARRAY_SIZE and fix misleading "digits" variable name. > http://git.videolan.org/gitweb.cgi/vlc.git/?a=commit;h=6e6448aa809713402afa0c7409cdf206431bbaf7 --- src/text/filesystem.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/src/text/filesystem.c b/src/text/filesystem.c index c0c5218908..989d47cc59 100644 --- a/src/text/filesystem.c +++ b/src/text/filesystem.c @@ -204,8 +204,12 @@ int vlc_scandir( const char *dirname, char ***namelist, int vlc_mkstemp( char *template ) { - static const char digits[] = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ"; - static const int i_digits = sizeof(digits)/sizeof(*digits) - 1; + static const char bytes[] = + "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqstruvwxyz_-"; + static const size_t nbytes = ARRAY_SIZE(bytes) - 1; + + static_assert(((ARRAY_SIZE(bytes) - 1) & (ARRAY_SIZE(bytes) - 2)) == 0, + "statistical bias"); /* */ assert( template ); @@ -228,7 +232,7 @@ int vlc_mkstemp( char *template ) vlc_rand_bytes( pi_rand, sizeof(pi_rand) ); for( int j = 0; j < 6; j++ ) - psz_rand[j] = digits[pi_rand[j] % i_digits]; + psz_rand[j] = bytes[pi_rand[j] % nbytes]; /* */ int fd = vlc_open( template, O_CREAT | O_EXCL | O_RDWR, 0600 ); _______________________________________________ vlc-commits mailing list [email protected] https://mailman.videolan.org/listinfo/vlc-commits
