summaryrefslogtreecommitdiff
path: root/usr.sbin/httpd
diff options
context:
space:
mode:
authorOtto Moerbeek <otto@cvs.openbsd.org>2004-05-16 18:36:03 +0000
committerOtto Moerbeek <otto@cvs.openbsd.org>2004-05-16 18:36:03 +0000
commitf0ea78aeb3552556921bd9a050152256b7cc1397 (patch)
tree07cb022c7ac4b93ae5c821ad1c72bf0f39c75558 /usr.sbin/httpd
parent8c1293e731749d7818192ce199ecaeafac849ace (diff)
Use arc4random(3) instead of rand(3) to compute random numbers.
ok millert@ henning@
Diffstat (limited to 'usr.sbin/httpd')
-rw-r--r--usr.sbin/httpd/src/modules/standard/mod_rewrite.c24
1 files changed, 6 insertions, 18 deletions
diff --git a/usr.sbin/httpd/src/modules/standard/mod_rewrite.c b/usr.sbin/httpd/src/modules/standard/mod_rewrite.c
index 5e06b0ff671..4adc3624465 100644
--- a/usr.sbin/httpd/src/modules/standard/mod_rewrite.c
+++ b/usr.sbin/httpd/src/modules/standard/mod_rewrite.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: mod_rewrite.c,v 1.20 2003/10/29 10:11:00 henning Exp $ */
+/* $OpenBSD: mod_rewrite.c,v 1.21 2004/05/16 18:36:02 otto Exp $ */
/* ====================================================================
* The Apache Software License, Version 1.1
@@ -3200,27 +3200,15 @@ static char *rewrite_mapfunc_unescape(request_rec *r, char *key)
return value;
}
-static int rewrite_rand_init_done = 0;
-
-static void rewrite_rand_init(void)
-{
- if (!rewrite_rand_init_done) {
- srand((unsigned)(getpid()));
- rewrite_rand_init_done = 1;
- }
- return;
-}
-
static int rewrite_rand(int l, int h)
{
- rewrite_rand_init();
-
/* Get [0,1) and then scale to the appropriate range. Note that using
- * a floating point value ensures that we use all bits of the rand()
- * result. Doing an integer modulus would only use the lower-order bits
- * which may not be as uniformly random.
+ * a floating point value ensures that we use all bits of the arc4random()
+ * result. Doing an integer modulus would yield a non-uniformly distibuted
+ * result, because MAX_UINT may not be divisble by the size of the
+ * interval.
*/
- return (int)(((double)(rand() % RAND_MAX) / RAND_MAX) * (h - l + 1) + l);
+ return (int)(arc4random() / ((double)0xffffffffU + 1) * (h - l + 1) + l);
}
static char *select_random_value_part(request_rec *r, char *value)