lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date:	Fri, 15 Jun 2007 22:28:40 +0200
From:	Jim Meyering <jim@...ering.net>
To:	linux-ext4@...r.kernel.org
Subject: close /dev/urandom fd (e2fsprogs 1.40-WIP (7-Apr-2007))

The file descriptor opened on /dev/urandom can be closed sooner:

diff -r 11b6e3e021f0 -r 777972a573b3 lib/uuid/ChangeLog
--- a/lib/uuid/ChangeLog	Thu May 31 12:39:02 2007 -0400
+++ b/lib/uuid/ChangeLog	Fri Jun 15 18:05:09 2007 +0200
@@ -1,3 +1,8 @@ 2006-10-22  Theodore Tso  <tytso@....edu
+2007-06-15  Jim Meyering  <jim@...ering.net>
+
+	* gen_uuid.c (get_random_bytes): Don't leave /dev/urandom open.
+	(uuid_generate): Likewise.
+
 2006-10-22  Theodore Tso  <tytso@....edu>
 
 	* gen_uuid.c (get_random_bytes): Add in randomness based on
diff -r 11b6e3e021f0 -r 777972a573b3 lib/uuid/gen_uuid.c
--- a/lib/uuid/gen_uuid.c	Thu May 31 12:39:02 2007 -0400
+++ b/lib/uuid/gen_uuid.c	Fri Jun 15 18:05:09 2007 +0200
@@ -139,6 +139,7 @@ static void get_random_bytes(void *buf, 
 			cp += i;
 			lose_counter = 0;
 		}
+		close(fd);
 	}
 	
 	/*
@@ -337,8 +338,10 @@ void uuid_generate_random(uuid_t out)
  */
 void uuid_generate(uuid_t out)
 {
-	if (get_random_fd() >= 0)
+	int fd;
+	if ((fd = get_random_fd()) >= 0) {
+		close(fd);
 		uuid_generate_random(out);
-	else
+	} else
 		uuid_generate_time(out);
 }

Signed-off-by: Jim Meyering <jim@...ering.net>
-
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists