libbsd and arc4random()

Alejandro Colomar alx.manpages at gmail.com
Fri Dec 30 12:29:23 UTC 2022


Hi Guillem,

glibc developers consider libbsd's arc4random(3) unsafe, since there are 
situations in which it should drop the buffer but which can't be detected (and 
libbsd's source code seems to acknowledge this).  They added arc4random(3) in 
glibc with kernel support, which is safer to use.

Could you somehow make that libbsd only provide arc4random(3) if glibc doesn't 
provide it?  You'll probably have to use aliases and linker magic, to not load 
your function before the glibc one, I guess.  Or maybe just compile it 
conditionally on the glibc version.

Cheers,

Alex

-- 
<http://www.alejandro-colomar.es/>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.freedesktop.org/archives/libbsd/attachments/20221230/6d36321e/attachment.sig>


More information about the libbsd mailing list