commit 047a0fd99e64c554c4edf44cc67ee765b09af017
Author: Marcus Meissner <meissner@suse.de>
Date:   Tue Apr 4 16:27:39 2017 +0200

initialize the random seed

In libxslt 1.1.29 and earlier, the EXSLT math.random function was
not initialized with a random seed during startup, which could
cause usage of this function to produce predictable outputs.

CVE: CVE-2015-9019
Upstream-Status: Backport [https://bug758400.bugzilla-attachments.gnome.org/attachment.cgi?id=349240&action=diff&collapsed=&context=patch&format=raw&headers=1]

Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>

diff --git a/libexslt/math.c b/libexslt/math.c
index 6b24dbe0..b7a8d6e1 100644
--- a/libexslt/math.c
+++ b/libexslt/math.c
@@ -23,6 +23,14 @@
 #ifdef HAVE_STDLIB_H
 #include <stdlib.h>
 #endif
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif
+#include <fcntl.h>
+#ifdef HAVE_TIME_H
+#include <time.h>
+#endif
+
 
 #include "exslt.h"
 
@@ -474,6 +482,20 @@ static double
 exsltMathRandom (void) {
     double ret;
     int num;
+    long seed;
+    static int randinit = 0;
+
+    if (!randinit) {
+	int fd = open("/dev/urandom",O_RDONLY);
+
+	seed = time(NULL); /* just in case /dev/urandom is not there */
+	if (fd == -1) {
+		read (fd, &seed, sizeof(seed));
+		close (fd);
+	}
+	srand(seed);
+	randinit = 1;
+    }
 
     num = rand();
     ret = (double)num / (double)RAND_MAX;
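Review bot: The condition on the new line `if (fd == -1) {` is inverted, so the /dev/urandom path is dead: when open() succeeds the descriptor is never read and is leaked, and when it fails read() is called on fd -1 (EBADF) and the seed silently stays as `time(NULL)` — the predictable-seed weakness this backport is meant to close is therefore only partly closed. It should read `if (fd != -1) {`, and the read result should be checked rather than discarded, e.g. `if (read(fd, &seed, sizeof(seed)) != (ssize_t)sizeof(seed)) seed = time(NULL);` before the `close(fd);`. Even with that fix, `srand`/`rand` is not a cryptographically secure generator, so a comment such as `/* seeds libc rand(); not suitable for security-sensitive randomness */` above `srand(seed);` would stop readers from assuming more than the patch delivers; the `static int randinit` guard also appears to be unsynchronized, which presumably matters only if exsltMathRandom can be reached from several threads at once. The body of exsltMathRandom continues past the end of this hunk.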