On Mon, Apr 20, 2020 at 11:18:55AM +0200, Oswald wrote in <20200420091855.GA283365@ugly>:
+  r = rand_uint64();
+
+  rbuf[0] = r         & 0xFF;
+  rbuf[1] = (r >>  8) & 0xFF;
+  rbuf[2] = (r >> 16) & 0xFF;
+  rbuf[3] = (r >> 24) & 0xFF;
+  rbuf[4] = (r >> 32) & 0xFF;
+  rbuf[5] = (r >> 40) & 0xFF;
+  rbuf[6] = (r >> 48) & 0xFF;
+  rbuf[7] = (r >> 56) & 0xFF;
+
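Review bot: the eight shift-and-mask stores into rbuf[0] through rbuf[7] fix a little-endian byte order that random data does not need; a single memcpy(rbuf, &r, sizeof(r)) copies the same 64 bits. The declaration of rbuf is not visible in this hunk, so confirm it is at least sizeof(r) bytes whichever form is kept.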
just use memcpy(). endianness doesn't matter.

Thanks, I will incorporate this in the patch!

+ snprintf (buf, sizeof (buf), "<%s.%s@%s>", mutt_gen_base64_enc_rand(), + mutt_gen_base64_enc_rand(), fqdn);
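Review bot: in the snprintf call, both mutt_gen_base64_enc_rand() results are passed straight in as %s arguments and no pointer to them is kept, so if the function returns heap-allocated strings they can never be freed and every generated ID leaks two allocations. Have the caller declare fixed-size buffers for the function to fill, or store the two pointers and free them after snprintf. The snprintf return value is also ignored, so a long fqdn would silently truncate the result, including the closing '>'.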

you're leaking the random strings. i suggest passing in fixed-size buffers instead.

I am not sure I understand how the random strings are being leaked, and I'd like to understand. Can you clarify this to me and explain how this would be a concern?

Thanks again for the feedback, I really appreciate it!
