Browse Source

it is 2014, and we still need to encourage people away from srand()

and random().  Sigh.
OPENBSD_5_6
deraadt 10 years ago
parent
commit
e95464400c
2 changed files with 14 additions and 5 deletions
  1. +6
    -3
      src/lib/libc/stdlib/rand.3
  2. +8
    -2
      src/lib/libc/stdlib/random.3

+ 6
- 3
src/lib/libc/stdlib/rand.3 View File

@ -29,9 +29,9 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE. .\" SUCH DAMAGE.
.\" .\"
.\" $OpenBSD: rand.3,v 1.15 2014/04/07 17:57:56 schwarze Exp $
.\" $OpenBSD: rand.3,v 1.16 2014/07/17 23:12:28 deraadt Exp $
.\" .\"
.Dd $Mdocdate: April 7 2014 $
.Dd $Mdocdate: July 17 2014 $
.Dt RAND 3 .Dt RAND 3
.Os .Os
.Sh NAME .Sh NAME
@ -50,7 +50,10 @@
.Sh DESCRIPTION .Sh DESCRIPTION
.Bf -symbolic .Bf -symbolic
These interfaces are obsoleted by These interfaces are obsoleted by
.Xr random 3 .
.Xr random 3 ,
which is also unsafe.
Consider using
.Xr arc4random 3 .
.Ef .Ef
.Pp .Pp
The The


+ 8
- 2
src/lib/libc/stdlib/random.3 View File

@ -25,9 +25,9 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE. .\" SUCH DAMAGE.
.\" .\"
.\" $OpenBSD: random.3,v 1.23 2014/07/13 14:25:00 tedu Exp $
.\" $OpenBSD: random.3,v 1.24 2014/07/17 23:12:28 deraadt Exp $
.\" .\"
.Dd $Mdocdate: July 13 2014 $
.Dd $Mdocdate: July 17 2014 $
.Dt RANDOM 3 .Dt RANDOM 3
.Os .Os
.Sh NAME .Sh NAME
@ -50,6 +50,12 @@
.Ft char * .Ft char *
.Fn setstate "char *state" .Fn setstate "char *state"
.Sh DESCRIPTION .Sh DESCRIPTION
.Bf -symbolic
This interface is not cryptographically secure, so consider using
.Xr arc4random 3
instead.
.Ef
.Pp
The The
.Fn random .Fn random
function uses a non-linear additive feedback random number generator employing function uses a non-linear additive feedback random number generator employing


Loading…
Cancel
Save