GNOME Bugzilla – Bug 710738
GRand has lame fallback for Windows
Last modified: 2014-07-23 17:09:59 UTC
On Unix we seed from /dev/unrandom, but on Windows we just fall back to getpid() and time. Windows has CryptGenRandom().
Created attachment 258135 [details] [review] win32: use real random data for seed on win32 We use RtlGenRandom() to do this instead of bringing up an entire crypto context and using CryptGenRandom(). Several web sources suggest that this is what CryptGenRandom() is doing internally anyway, and MSDN documents this as being legit.
http://msdn.microsoft.com/en-us/library/sxtz2fa8.aspx make it look like 'rand_s' is an easier way to get this working, but I couldn't make it work with mingw (and the docs on MSDN say that it's just doing RtlGenRandom() internally anyway). The above patch does work on mingw32/fedora + wine.
Review of attachment 258135 [details] [review]: Nice! Code looks correct structurally, and the content also looks good to me from what I can tell online.
Created attachment 258136 [details] [review] win32: use real random data for seed on win32 We can get cryptographically secure data from rand_s(). I figured it out. I had a #ifdef G_OS_WIN32 too early (ie: before it was set) which caused me to fail to include the proper header.
Review of attachment 258136 [details] [review]: Oh that is *far* simpler. Just one little bit: ::: glib/grand.c @@ +267,3 @@ +#else /* G_OS_WIN32 */ + gint i; + Won't this declaration-after-statement trip up C89 mode? Or do we not care for MSVC/mingw?
Attachment 258136 [details] pushed as 0e1924a - win32: use real random data for seed on win32 The variable is only declared inside of the #else branch and there is no statement above the #ifdef. The only thing up there: 'guint32 seed[4];' Pushed.
This breaks the build under mingw: Creating library file: .libs/libglib-2.0.dll.a .libs/libglib_2_0_la-grand.o:grand.c:(.text+0x804): undefined reference to `_rand_s' .libs/libglib_2_0_la-grand.o:grand.c:(.text+0x817): undefined reference to `_rand_s' collect2: ld returned 1 exit status
The original patch appears to work. Btw., if you are going to claim "cryptographically secure data" then you should really check the return value.
This is a known mingw32 shortcoming. Someone filed a bug upstream about it already; http://sourceforge.net/p/mingw/bugs/2122/
I am reopening this since this patch broke the windows build. I needed to revert it in my builder to be able to build glib on windows. See: https://git.gnome.org/browse/gtk-builder-win/tree/win32/libs/12_glib/revert_rand_s.patch It is applied with -R btw.
Nevermind it seems it was due to using the old mingw.