Skip to site navigation (Press enter)

[webkit-changes] [219119] trunk/Source/WTF

utatane . tea Tue, 04 Jul 2017 10:43:57 -0700

Title: [219119] trunk/Source/WTF

Revision: 219119
Author: [email protected]
Date: 2017-07-04 10:43:18 -0700 (Tue, 04 Jul 2017)

Log Message

[WTF] Initialize srandom and srand with cryptographically random number
https://bugs.webkit.org/show_bug.cgi?id=174123


Reviewed by Mark Lam.

Use cryptographically random number instead of current time as a seed.

* wtf/RandomNumberSeed.h:
(WTF::initializeRandomNumberGenerator):

Modified Paths

trunk/Source/WTF/ChangeLog
trunk/Source/WTF/wtf/RandomNumberSeed.h

Diff

Modified: trunk/Source/WTF/ChangeLog (219118 => 219119)


--- trunk/Source/WTF/ChangeLog	2017-07-04 14:02:42 UTC (rev 219118)
+++ trunk/Source/WTF/ChangeLog	2017-07-04 17:43:18 UTC (rev 219119)
@@ -1,3 +1,15 @@
+2017-07-04  Yusuke Suzuki  <[email protected]>
+
+        [WTF] Initialize srandom and srand with cryptographically random number
+        https://bugs.webkit.org/show_bug.cgi?id=174123
+
+        Reviewed by Mark Lam.
+
+        Use cryptographically random number instead of current time as a seed.
+
+        * wtf/RandomNumberSeed.h:
+        (WTF::initializeRandomNumberGenerator):
+
 2017-07-04  Joseph Pecoraro  <[email protected]>
 
         Xcode duplicate UUID for DisallowCType.h and DispatchPtr.h

Modified: trunk/Source/WTF/wtf/RandomNumberSeed.h (219118 => 219119)


--- trunk/Source/WTF/wtf/RandomNumberSeed.h	2017-07-04 14:02:42 UTC (rev 219118)
+++ trunk/Source/WTF/wtf/RandomNumberSeed.h	2017-07-04 17:43:18 UTC (rev 219119)
@@ -28,6 +28,7 @@
 
 #include <stdlib.h>
 #include <time.h>
+#include <wtf/CryptographicallyRandomNumber.h>
 
 #if HAVE(SYS_TIME_H)
 #include <sys/time.h>
@@ -47,12 +48,9 @@
 #elif COMPILER(MSVC) && defined(_CRT_RAND_S)
     // On Windows we use rand_s which initialises itself
 #elif OS(UNIX)
-    // srandomdev is not guaranteed to exist on linux so we use this poor seed, this should be improved
-    timeval time;
-    gettimeofday(&time, 0);
-    srandom(static_cast<unsigned>(time.tv_usec * getpid()));
+    srandom(cryptographicallyRandomNumber());
 #else
-    srand(static_cast<unsigned>(time(0)));
+    srand(cryptographicallyRandomNumber());
 #endif
 
 }

_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes