On Sun, Feb 14, 2016 at 07:39:32PM +0000, Nick Lowe wrote: > Switch from using os_random() to using > os_get_random(...) in advertisement_state_machine_start(...) The intention is > to facilitate the future removal of os_random(). os_random() uses a low > quality PRNG which we should avoid using outright unless there is a > compelling performance justification to do so. > diff --git a/src/wps/wps_upnp_ssdp.c b/src/wps/wps_upnp_ssdp.c > @@ -354,7 +354,10 @@ int advertisement_state_machine_start(struct > /* First timeout should be random interval < 100 msec */ > - next_timeout_msec = (100 * (os_random() & 0xFF)) >> 8; > + if (os_get_random((u8 *) &next_timeout_msec, > + sizeof(next_timeout_msec)) < 0) > + return -1; > + next_timeout_msec = (100 * (next_timeout_msec & 0xFF)) >> 8; > return eloop_register_timeout(0, next_timeout_msec, > @@ -475,7 +478,10 @@ static void > msearchreply_state_machine_start(struct upnp_wps_device_sm *sm, > - next_timeout_msec = (1000 * mx * (os_random() & 0xFF)) >> 8; > + if (os_get_random((u8 *) &next_timeout_msec, > + sizeof(next_timeout_msec)) < 0) > + goto fail; > + next_timeout_msec = (1000 * mx * (next_timeout_msec & 0xFF)) >> 8; Both of these would need to be unsigned values to avoid issues with negative timeout values. In addition, I don't really like the error path options here.. Likely better to just hardcode a timeout in the unlikely error case. -- Jouni Malinen PGP id EFC895FA _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap