[Dnsmasq-discuss] [PATCH 1/6] Fix -Wshadow: rand64() was mistakenly using its own counter O_o

Leonid Evdokimov Fri, 04 Oct 2024 15:10:37 -0700

It might be security vulnerability as rand64() is basically transmitted
to network in address6_allocate() and it might expose values for some of
next rand16() and rand32() calls as no other function calls rand64().
---
 src/util.c | 2 --
 1 file changed, 2 deletions(-)


diff --git src/util.c src/util.c
index c5273812..fefa8333 100644
--- src/util.c
+++ src/util.c
@@ -101,8 +101,6 @@ u32 rand32(void)
 
 u64 rand64(void)
 {
-  static int outleft = 0;
-
   if (outleft < 2)
     {
       if (!++in[0]) if (!++in[1]) if (!++in[2]) ++in[3];
-- 
2.34.1


_______________________________________________
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

[Dnsmasq-discuss] [PATCH 1/6] Fix -Wshadow: rand64() was mistakenly using its own counter O_o

Reply via email to