From: Raymond Hettinger <python@rcn.com>
Date: Wed, 14 May 2014 05:09:23 +0000 (-0700)
Subject: Issue #21470: Do a better job seeding the random number generator
X-Git-Tag: v2.7.7rc1~13
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=ddb39e799d65748c5ea42c344170befc90af9e64;p=python

Issue #21470: Do a better job seeding the random number generator
to fully cover its state space.
---

diff --git a/Lib/random.py b/Lib/random.py
index 2f2f0915e2..e89fae663a 100644
--- a/Lib/random.py
+++ b/Lib/random.py
@@ -108,7 +108,9 @@ class Random(_random.Random):
 
         if a is None:
             try:
-                a = long(_hexlify(_urandom(32)), 16)
+                # Seed with enough bytes to span the 19937 bit
+                # state space for the Mersenne Twister
+                a = long(_hexlify(_urandom(2500)), 16)
             except NotImplementedError:
                 import time
                 a = long(time.time() * 256) # use fractional seconds
diff --git a/Misc/NEWS b/Misc/NEWS
index 2bda7260c0..e028419fee 100644
--- a/Misc/NEWS
+++ b/Misc/NEWS
@@ -52,6 +52,9 @@ Library
 - Issue #21306: Backport hmac.compare_digest from Python 3. This is part of PEP
   466.
 
+- Issue #21470: Do a better job seeding the random number generator by
+  using enough bytes to span the full state space of the Mersenne Twister.
+
 - Issue #21469:  Reduced the risk of false positives in robotparser by
   checking to make sure that robots.txt has been read or does not exist
   prior to returning True in can_fetch().