diff options
author | Otto Moerbeek <otto@cvs.openbsd.org> | 2004-05-16 18:36:03 +0000 |
---|---|---|
committer | Otto Moerbeek <otto@cvs.openbsd.org> | 2004-05-16 18:36:03 +0000 |
commit | f0ea78aeb3552556921bd9a050152256b7cc1397 (patch) | |
tree | 07cb022c7ac4b93ae5c821ad1c72bf0f39c75558 /usr.sbin/httpd | |
parent | 8c1293e731749d7818192ce199ecaeafac849ace (diff) |
Use arc4random(3) instead of rand(3) to compute random numbers.
ok millert@ henning@
Diffstat (limited to 'usr.sbin/httpd')
-rw-r--r-- | usr.sbin/httpd/src/modules/standard/mod_rewrite.c | 24 |
1 files changed, 6 insertions, 18 deletions
diff --git a/usr.sbin/httpd/src/modules/standard/mod_rewrite.c b/usr.sbin/httpd/src/modules/standard/mod_rewrite.c index 5e06b0ff671..4adc3624465 100644 --- a/usr.sbin/httpd/src/modules/standard/mod_rewrite.c +++ b/usr.sbin/httpd/src/modules/standard/mod_rewrite.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mod_rewrite.c,v 1.20 2003/10/29 10:11:00 henning Exp $ */ +/* $OpenBSD: mod_rewrite.c,v 1.21 2004/05/16 18:36:02 otto Exp $ */ /* ==================================================================== * The Apache Software License, Version 1.1 @@ -3200,27 +3200,15 @@ static char *rewrite_mapfunc_unescape(request_rec *r, char *key) return value; } -static int rewrite_rand_init_done = 0; - -static void rewrite_rand_init(void) -{ - if (!rewrite_rand_init_done) { - srand((unsigned)(getpid())); - rewrite_rand_init_done = 1; - } - return; -} - static int rewrite_rand(int l, int h) { - rewrite_rand_init(); - /* Get [0,1) and then scale to the appropriate range. Note that using - * a floating point value ensures that we use all bits of the rand() - * result. Doing an integer modulus would only use the lower-order bits - * which may not be as uniformly random. + * a floating point value ensures that we use all bits of the arc4random() + * result. Doing an integer modulus would yield a non-uniformly distibuted + * result, because MAX_UINT may not be divisble by the size of the + * interval. */ - return (int)(((double)(rand() % RAND_MAX) / RAND_MAX) * (h - l + 1) + l); + return (int)(arc4random() / ((double)0xffffffffU + 1) * (h - l + 1) + l); } static char *select_random_value_part(request_rec *r, char *value) |