Date: prev next · Thread: first prev next last
2017 Archives by date, by thread · List index


On 07.12.2017 02:59, Thorsten Behrens wrote:
Hi Stephan, dear fellow hackers,

there's a chunk of places in the code, where (cargo-culted?) a random
pool gets fed with current system time, presumably to seed it with
enough entropy:

    TimeValue aTime;
    osl_getSystemTime( &aTime );
    rtlRandomPool aRandomPool = rtl_random_createPool ();
    rtl_random_addBytes ( aRandomPool, &aTime, 8 );

Then again, initPool() in sal/rtl/random.cxx already does the same, so
that really looks redundant?

yes, definitely.

tbh i'd want to remove initPool, which is just a fallback path, as well
and just abort if osl_get_system_random_data fails; if you don't have
/dev/urandom you can always fall back on the standard text editor ed(1).


-- 
DDJ: You've mentioned Edsger Dijkstra. What do you think of his work?
DK:  His great strength is that he is uncompromising. It would make
     him physically ill to think of programming in C++.


Context


Privacy Policy | Impressum (Legal Info) | Copyright information: Unless otherwise specified, all text and images on this website are licensed under the Creative Commons Attribution-Share Alike 3.0 License. This does not include the source code of LibreOffice, which is licensed under the Mozilla Public License (MPLv2). "LibreOffice" and "The Document Foundation" are registered trademarks of their corresponding registered owners or are in actual use as trademarks in one or more countries. Their respective logos and icons are also subject to international copyright laws. Use thereof is explained in our trademark policy.