[PATCH] Use arc4random instead of rand where available

Jeremy Huddleston jeremyhu at freedesktop.org
Tue Mar 23 10:30:24 PDT 2010


On Mar 23, 2010, at 06:48, Mark Kettenis wrote:

> Guys, if you ask me, introducing all this additional complecity just
> to placate a static analysis tool is starting to get a bit silly.
> 
> How about just putting a comment in the code that the usage of rand()
> is not security related at all and therefore perfectly fine?

Yeah, I agree... if someone at some point in time drops rand(), we may need to do this, but for now it really is "close enough"

--Jeremy

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5820 bytes
Desc: not available
URL: <http://lists.x.org/archives/xorg-devel/attachments/20100323/b9265274/attachment.bin>


More information about the xorg-devel mailing list