From: Rasmus Lerdorf <rasmus@php.net>
Date: Fri, 8 Jan 2010 09:43:14 +0000 (+0000)
Subject: Worked with Samy Kamkar to improve LCG entropy.
X-Git-Tag: php-5.2.13RC1~43
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=ea2d12a534aea64f6e10928f4233910eb6fbbf05;p=php

Worked with Samy Kamkar to improve LCG entropy.
---

diff --git a/NEWS b/NEWS
index 3d61dd9b79..f926949846 100644
--- a/NEWS
+++ b/NEWS
@@ -11,6 +11,8 @@ PHP                                                                        NEWS
 
 - Fixed build of mysqli with MySQL 5.5.0-m2. (Andrey)
 
+- Improved LCG entropy (Rasmus, Samy Kamkar)
+
 - Fixed bug #50680 (strtotime() does not support eighth ordinal number).
   (Ilia)
 - Fixed bug #50661 (DOMDocument::loadXML does not allow UTF-16). (Rob)
diff --git a/ext/standard/lcg.c b/ext/standard/lcg.c
index 71abc77583..8c66a2fa59 100644
--- a/ext/standard/lcg.c
+++ b/ext/standard/lcg.c
@@ -78,7 +78,7 @@ static void lcg_seed(TSRMLS_D)
 	struct timeval tv;
 
 	if (gettimeofday(&tv, NULL) == 0) {
-		LCG(s1) = tv.tv_sec ^ (~tv.tv_usec);
+		LCG(s1) = tv.tv_sec ^ (tv.tv_usec<<11);
 	} else {
 		LCG(s1) = 1;
 	}
@@ -88,6 +88,11 @@ static void lcg_seed(TSRMLS_D)
 	LCG(s2) = (long) getpid();
 #endif
 
+	/* Add entropy to s2 by calling gettimeofday() again */
+	if (gettimeofday(&tv, NULL) == 0) {
+		LCG(s2) ^= (tv.tv_usec<<11);
+	}
+
 	LCG(seeded) = 1;
 }