From 820b30bcb81c3106b4923bb974c617402de1ff73 Mon Sep 17 00:00:00 2001 From: Ilia Alshanetsky Date: Tue, 28 Nov 2006 00:24:16 +0000 Subject: [PATCH] MFB: Replace non-threadsafe rand() with php_rand_r() --- ext/mcrypt/mcrypt.c | 3 ++- ext/soap/php_http.c | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/ext/mcrypt/mcrypt.c b/ext/mcrypt/mcrypt.c index fe7028bda6..701a1fccc6 100644 --- a/ext/mcrypt/mcrypt.c +++ b/ext/mcrypt/mcrypt.c @@ -1039,7 +1039,8 @@ int php_mcrypt_iv(php_mcrypt_iv_source source, int size, char **iv_str, int *iv_ case PHP_MCRYPT_IV_SOURCE_RAND: *iv_len = size; while (size) { - (*iv_str)[--size] = 255.0 * rand() / RAND_MAX; + unsigned int ctx; + (*iv_str)[--size] = 255.0 * php_rand_r(&ctx) / RAND_MAX; } break; } diff --git a/ext/soap/php_http.c b/ext/soap/php_http.c index 229fb52a21..ce15c27747 100644 --- a/ext/soap/php_http.c +++ b/ext/soap/php_http.c @@ -462,9 +462,10 @@ try_again: char HA1[33], HA2[33], response[33], cnonce[33], nc[9]; PHP_MD5_CTX md5ctx; unsigned char hash[16]; + unsigned int ctx; PHP_MD5Init(&md5ctx); - sprintf(cnonce, "%d", rand()); + sprintf(cnonce, "%d", php_rand_r(&ctx)); PHP_MD5Update(&md5ctx, (unsigned char*)cnonce, strlen(cnonce)); PHP_MD5Final(hash, &md5ctx); make_digest(cnonce, hash); -- 2.50.1