Hi!
On Tue, 2019-10-29 at 23:28:26 -0500, Andrew Eggenberger wrote:
> --- /dev/null
> +++ b/sysdeps/mach/hurd/getrandom.c
> +/* Write up to LENGTH bytes of randomness starting at BUFFER.
> + Return the number of bytes written, or -1 on error. */
> +ssize_t
> +getrandom (void *buffer, size_t length, unsigned int flags)
> +{
> + char* random_source = "/dev/urandom";
> + int amount_read, fp;
I'd define amount_read as ssize_t. I'd probably call this fd, fp is
usually associated with a «FILE *». Shouldn't the * be next to the
variable instead of the type?
> + if (flags & GRND_RANDOM){
> + random_source = "/dev/random";
> + }
> +
> + fp = open(random_source, O_RDONLY);
Shouldn't this be opened with O_CLOEXEC, otherwise children created
by other threads might leak file descriptors. Although I don't see
this being consistently done in glibc, not sure why?
> + amount_read = read(fp, buffer, length);
What about partial reads?
> + close(fp);
> + return amount_read;
> +}
Thanks,
Guillem
