[PATCH] Use arc4random instead of rand where available

Daniel Stone daniel at fooishbar.org
Tue Mar 23 22:03:09 PDT 2010


On Tue, Mar 23, 2010 at 10:30:24AM -0700, Jeremy Huddleston wrote:
> On Mar 23, 2010, at 06:48, Mark Kettenis wrote:
> > Guys, if you ask me, introducing all this additional complecity just
> > to placate a static analysis tool is starting to get a bit silly.
> > 
> > How about just putting a comment in the code that the usage of rand()
> > is not security related at all and therefore perfectly fine?
> 
> Yeah, I agree... if someone at some point in time drops rand(), we may need to do this, but for now it really is "close enough"

rand() is part of ISO C ...

Cheers,
Daniel
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: <http://lists.x.org/archives/xorg-devel/attachments/20100324/6bbd2a48/attachment.pgp>


More information about the xorg-devel mailing list