Use arc4random for mkstemp() and insults.

diff --git a/lib/util/Makefile.in b/lib/util/Makefile.in
index 8f07bce8b6bb85d57f7c88aef68d876b490c50af..e9e8113c2e2782550d10662f764d1fe3180b6022 100644 (file)
--- a/lib/util/Makefile.in
+++ b/lib/util/Makefile.in
@@ -492,8 +492,8 @@ mksiglist.lo: $(srcdir)/mksiglist.c $(incdir)/sudo_compat.h \
 mksigname.lo: $(srcdir)/mksigname.c $(incdir)/sudo_compat.h \
               $(srcdir)/mksigname.h $(top_builddir)/config.h
        $(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/mksigname.c
-mktemp.lo: $(srcdir)/mktemp.c $(incdir)/sudo_compat.h $(top_builddir)/config.h \
-           $(top_builddir)/pathnames.h
+mktemp.lo: $(srcdir)/mktemp.c $(incdir)/sudo_compat.h $(incdir)/sudo_rand.h \
+           $(top_builddir)/config.h $(top_builddir)/pathnames.h
        $(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/mktemp.c
 mktemp_test.lo: $(srcdir)/regress/mktemp/mktemp_test.c \
                 $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \

diff --git a/lib/util/mktemp.c b/lib/util/mktemp.c
index defbd9014c00361e2b7ff8b0d4c553418d4d8ce7..4537b3ded3c9c58cf9d4021b40c4d72c0e68d72d 100644 (file)
--- a/lib/util/mktemp.c
+++ b/lib/util/mktemp.c
@@ -30,6 +30,11 @@
 #ifdef HAVE_STDLIB_H
 # include <stdlib.h>
 #endif /* HAVE_STDLIB_H */
+#if defined(HAVE_STDINT_H)
+# include <stdint.h>
+#elif defined(HAVE_INTTYPES_H)
+# include <inttypes.h>
+#endif
 #ifdef HAVE_STRING_H
 # include <string.h>
 #endif /* HAVE_STRING_H */
@@ -41,6 +46,7 @@
 #include <time.h>
 
 #include "sudo_compat.h"
+#include "sudo_rand.h"
 #include "pathnames.h"
 
 #define MKTEMP_FILE    1
@@ -50,80 +56,6 @@
 #define NUM_CHARS      (sizeof(TEMPCHARS) - 1)
 #define MIN_X          6
 
-#ifndef INT_MAX
-#define INT_MAX        0x7fffffff
-#endif
-
-#if defined(HAVE_ARC4RANDOM)
-# define RAND()                arc4random()
-# define SEED_T                unsigned int
-#elif defined(HAVE_RANDOM)
-# define RAND()                random()
-# define SRAND(_x)     srandom((_x))
-# define SEED_T                unsigned int
-#elif defined(HAVE_LRAND48)
-# define RAND()                lrand48()
-# define SRAND(_x)     srand48((_x))
-# define SEED_T                long
-#else
-# define RAND()                rand()
-# define SRAND(_x)     srand((_x))
-# define SEED_T                unsigned int
-#endif
-
-static void
-seed_random(void)
-{
-#ifdef SRAND
-       struct timeval tv;
-       SEED_T seed;
-       int fd;
-
-# ifdef HAVE_GETENTROPY
-       /* Not really an fd, just has to be -1 on error. */
-       fd = getentropy(&seed, sizeof(seed));
-# else
-       /*
-        * Seed from /dev/urandom if possible.
-        */
-       fd = open(_PATH_DEV "urandom", O_RDONLY);
-       if (fd != -1) {
-           ssize_t nread;
-
-           do {
-               nread = read(fd, &seed, sizeof(seed));
-           } while (nread == -1 && errno == EINTR);
-           close(fd);
-           if (nread != (ssize_t)sizeof(seed))
-               fd = -1;
-       }
-# endif /* HAVE_GETENTROPY */
-       /*
-        * If no /dev/urandom, seed from time of day and process id
-        * multiplied by small primes.
-        */
-       if (fd == -1) {
-           (void) gettimeofday(&tv, NULL);
-           seed = (tv.tv_sec % 10000) * 523 + tv.tv_usec * 13 +
-               (getpid() % 1000) * 983;
-       }
-       SRAND(seed);
-#endif
-}
-
-static unsigned int
-get_random(void)
-{
-       static int initialized;
-
-       if (!initialized) {
-               seed_random();
-               initialized = 1;
-       }
-
-       return RAND() & 0xffffffff;
-}
-
 static int
 mktemp_internal(char *path, int slen, int mode)
 {
@@ -153,7 +85,7 @@ mktemp_internal(char *path, int slen, int mode)
 
        do {
                for (cp = start; cp != ep; cp++) {
-                       r = get_random() % NUM_CHARS;
+                       r = arc4random_uniform(NUM_CHARS);
                        *cp = tempchars[r];
                }
 

diff --git a/plugins/sudoers/Makefile.in b/plugins/sudoers/Makefile.in
index 352c3aff74cd7c35cb9a6c0860e509f2f16f27d9..b8cf9720c6498395f0d8aada421cee38265c1f13 100644 (file)
--- a/plugins/sudoers/Makefile.in
+++ b/plugins/sudoers/Makefile.in
@@ -1284,12 +1284,13 @@ sudo_auth.lo: $(authdir)/sudo_auth.c $(devdir)/def_data.h \
               $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
               $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
               $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
-              $(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/ins_2001.h \
-              $(srcdir)/ins_classic.h $(srcdir)/ins_csops.h \
-              $(srcdir)/ins_goons.h $(srcdir)/ins_python.h $(srcdir)/insults.h \
-              $(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
-              $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
-              $(top_builddir)/config.h $(top_builddir)/pathnames.h
+              $(incdir)/sudo_rand.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
+              $(srcdir)/ins_2001.h $(srcdir)/ins_classic.h \
+              $(srcdir)/ins_csops.h $(srcdir)/ins_goons.h \
+              $(srcdir)/ins_python.h $(srcdir)/insults.h $(srcdir)/logging.h \
+              $(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
+              $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
+              $(top_builddir)/pathnames.h
        $(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(authdir)/sudo_auth.c
 sudo_nss.lo: $(srcdir)/sudo_nss.c $(devdir)/def_data.h \
              $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \

diff --git a/plugins/sudoers/auth/sudo_auth.c b/plugins/sudoers/auth/sudo_auth.c
index 6ef9bd7260d72877d1450f743dc2638efb1d4abf..022f81efb61baf87f37ea5a9b4aba7e56a648fd1 100644 (file)
--- a/plugins/sudoers/auth/sudo_auth.c
+++ b/plugins/sudoers/auth/sudo_auth.c
@@ -23,6 +23,11 @@
 #include <sys/types.h>
 #include <stdio.h>
 #include <stdlib.h>
+#if defined(HAVE_STDINT_H)
+# include <stdint.h>
+#elif defined(HAVE_INTTYPES_H)
+# include <inttypes.h>
+#endif
 #ifdef HAVE_STRING_H
 # include <string.h>
 #endif /* HAVE_STRING_H */

diff --git a/plugins/sudoers/insults.h b/plugins/sudoers/insults.h
index 58d7f9d217c379b5719e3359d73bb569aabca411..cc08023fc5967571d9cbe17253ddd925ed2a2f74 100644 (file)
--- a/plugins/sudoers/insults.h
+++ b/plugins/sudoers/insults.h
@@ -20,6 +20,8 @@
 
 #if defined(HAL_INSULTS) || defined(GOONS_INSULTS) || defined(CLASSIC_INSULTS) || defined(CSOPS_INSULTS) || defined(PYTHON_INSULTS)
 
+#include "sudo_rand.h"
+
 /*
  * Use one or more set of insults as determined by configure
  */
@@ -58,7 +60,7 @@ char *insults[] = {
 /*
  * return a pseudo-random insult.
  */
-#define INSULT         (insults[time(NULL) % NOFINSULTS])
+#define INSULT         (insults[arc4random_uniform(NOFINSULTS)])
 
 #endif /* HAL_INSULTS || GOONS_INSULTS || CLASSIC_INSULTS || CSOPS_INSULTS || PYTHON_INSULTS */