diff options
author | Tedd Ho-Jeong An <tedd.an@intel.com> | 2021-12-08 14:39:19 -0800 |
---|---|---|
committer | Luiz Augusto von Dentz <luiz.von.dentz@intel.com> | 2021-12-08 16:56:17 -0800 |
commit | df64c87022246022340f0f572b2737cd7ff886f8 (patch) | |
tree | 2075c058daf47235341ca9ab7fb8bd79af2a3d25 /emulator/phy.c | |
parent | 433f7cce3bc68a05bc7a977aa8e130065872ef3d (diff) | |
download | bluez-df64c87022246022340f0f572b2737cd7ff886f8.tar.gz |
emulator: Replace random number generation function
This patch replaces the rand() function to the getrandom() syscall.
It was reported by the Coverity scan
rand() should not be used for security-related applications, because
linear congruential algorithms are too easy to break
Diffstat (limited to 'emulator/phy.c')
-rw-r--r-- | emulator/phy.c | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/emulator/phy.c b/emulator/phy.c index 2ae6ad3a2..44cace438 100644 --- a/emulator/phy.c +++ b/emulator/phy.c @@ -19,6 +19,7 @@ #include <stdlib.h> #include <string.h> #include <sys/socket.h> +#include <sys/random.h> #include <netinet/in.h> #include <netinet/ip.h> #include <time.h> @@ -173,8 +174,13 @@ struct bt_phy *bt_phy_new(void) mainloop_add_fd(phy->rx_fd, EPOLLIN, phy_rx_callback, phy, NULL); if (!get_random_bytes(&phy->id, sizeof(phy->id))) { - srandom(time(NULL)); - phy->id = random(); + if (getrandom(&phy->id, sizeof(phy->id), 0) < 0) { + mainloop_remove_fd(phy->rx_fd); + close(phy->tx_fd); + close(phy->rx_fd); + free(phy); + return NULL; + } } bt_phy_send(phy, BT_PHY_PKT_NULL, NULL, 0); |