Opened 3 years ago

Last modified 2 years ago

#3678 new defect

remove random() from the source

Reported by: wlodekwencel Owned by:
Priority: medium Milestone: Outstanding Tasks
Component: crypto Version: git
Keywords: Cc:
CVSS Scoring: Parent Tickets:
Sensitive: no Defect Severity: N/A
Sub-Project: DHCP Feature Depending on Ticket:
Estimated Difficulty: 0 Add Hours to Ticket: 0
Total Hours: 0 Internal?: no

Description

Replace random() in /src/lib/util/range_utilities.h and /src/bin/perfdhcp/packet_storage.h to /dev/random as 'security best practice'

Coverity bugs no. 1232277 and 1232279

Subtickets

Change History (4)

comment:1 Changed 3 years ago by fdupont

It is far to be so simple and BTW /dev/random (vs. /dev/urandom) can block. Please consider #3474 too (as you can expect I'd prefer this solution)...

comment:2 Changed 3 years ago by tomek

  • Milestone changed from Kea-proposed to DHCP Outstanding Tasks

comment:3 Changed 3 years ago by sar

The perfdhcp/packet_storage.h code doesn't truly need a crypto level RNG.

comment:4 Changed 2 years ago by tomek

  • Milestone changed from DHCP Outstanding Tasks to Outstanding Tasks

Milestone renamed

Note: See TracTickets for help on using tickets.