This is the mail archive of the
mailing list for the glibc project.
[Bug libc/3662] New: Implementation bugs in random_r and friends
- From: "glibcbugs0000 at cneufeld dot ca" <sourceware-bugzilla at sourceware dot org>
- To: glibc-bugs at sources dot redhat dot com
- Date: 5 Dec 2006 19:58:46 -0000
- Subject: [Bug libc/3662] New: Implementation bugs in random_r and friends
- Reply-to: sourceware-bugzilla at sourceware dot org
There are at least two implementation bugs in the random_r class of functions.
First, the random_data structure, being opaque, is typically just allocated on
the stack or malloc()ed. There is no way to create a valid "this is not an old
state vector" structure without knowing the implementation details of the
structure. If the compiler does not initialize the "state" member of the
structure to a value equal to the NULL pointer, the initstate_r() function will
crash as it dereferences whatever non-NULL but invalid value is held there. We
need a method to create a blank random_data object, or the documentation has to
point out that the user is responsible for initializing the "state" member to NULL.
Second, initstate_r() and setstate_r() are documented in their comment blocks as
returning a pointer to the old state, but they do not. There is no documented
way to retrieve the old state in a fashion that allows it to be re-introduced
into the system with setstate_r() at a later time. As such, the setstate_r()
function is essentially unusable.
Summary: Implementation bugs in random_r and friends
AssignedTo: drepper at redhat dot com
ReportedBy: glibcbugs0000 at cneufeld dot ca
CC: glibc-bugs at sources dot redhat dot com
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.