CVE-2018-4700: Linux session cookies used a predictable random number seed.

author: Michael R Sweet <michael.r.sweet@gmail.com> 2018-12-07 12:08:27 -0500
committer: Michael R Sweet <michael.r.sweet@gmail.com> 2018-12-07 12:08:27 -0500
commit: b9ff93ce913ff633a3f667317e5a81fa7fe0d5d3 (patch)
tree: 70ea38287af1e7f3c5156400c52fbfa4c7645ac3 /cgi-bin
parent: 46637f30d7f7cb92ea72e75e4a518dd150138269 (diff)
download: cups-b9ff93ce913ff633a3f667317e5a81fa7fe0d5d3.tar.gz
1 files changed, 3 insertions, 1 deletions
diff --git a/cgi-bin/var.c b/cgi-bin/var.c
index 316b67f05..12f3c8344 100644
--- a/cgi-bin/var.c
+++ b/cgi-bin/var.c
@@ -1186,6 +1186,7 @@ cgi_set_sid(void)
   const char		*remote_addr,	/* REMOTE_ADDR */
 			*server_name,	/* SERVER_NAME */
 			*server_port;	/* SERVER_PORT */
+  struct timeval	curtime;	/* Current time */
 
 
   if ((remote_addr = getenv("REMOTE_ADDR")) == NULL)
@@ -1195,7 +1196,8 @@ cgi_set_sid(void)
   if ((server_port = getenv("SERVER_PORT")) == NULL)
     server_port = "SERVER_PORT";
 
-  CUPS_SRAND(time(NULL));
+  gettimeofday(&curtime, NULL);
+  CUPS_SRAND(curtime.tv_sec + curtime.tv_usec);
   snprintf(buffer, sizeof(buffer), "%s:%s:%s:%02X%02X%02X%02X%02X%02X%02X%02X",
            remote_addr, server_name, server_port,
 	   (unsigned)CUPS_RAND() & 255, (unsigned)CUPS_RAND() & 255,
author	Michael R Sweet <michael.r.sweet@gmail.com>	2018-12-07 12:08:27 -0500
committer	Michael R Sweet <michael.r.sweet@gmail.com>	2018-12-07 12:08:27 -0500
commit	b9ff93ce913ff633a3f667317e5a81fa7fe0d5d3 (patch)
tree	70ea38287af1e7f3c5156400c52fbfa4c7645ac3 /cgi-bin
parent	46637f30d7f7cb92ea72e75e4a518dd150138269 (diff)
download	cups-b9ff93ce913ff633a3f667317e5a81fa7fe0d5d3.tar.gz