Use arc4random for mkstemp() and insults.

2018-05-24 21:04:23 -06:00
parent ddd663a5f2
commit 43003d29d8
5 changed files with 24 additions and 84 deletions
--- a/lib/util/Makefile.in
+++ b/lib/util/Makefile.in
@@ -492,8 +492,8 @@ mksiglist.lo: $(srcdir)/mksiglist.c $(incdir)/sudo_compat.h \
 mksigname.lo: $(srcdir)/mksigname.c $(incdir)/sudo_compat.h \
              $(srcdir)/mksigname.h $(top_builddir)/config.h
 	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/mksigname.c
-mktemp.lo: $(srcdir)/mktemp.c $(incdir)/sudo_compat.h $(top_builddir)/config.h \
+mktemp.lo: $(srcdir)/mktemp.c $(incdir)/sudo_compat.h $(incdir)/sudo_rand.h \
-           $(top_builddir)/pathnames.h
+           $(top_builddir)/config.h $(top_builddir)/pathnames.h
 	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(srcdir)/mktemp.c
 mktemp_test.lo: $(srcdir)/regress/mktemp/mktemp_test.c \
                $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
--- a/lib/util/mktemp.c
+++ b/lib/util/mktemp.c
@@ -30,6 +30,11 @@
 #ifdef HAVE_STDLIB_H
 # include <stdlib.h>
 #endif /* HAVE_STDLIB_H */
 #if defined(HAVE_STDINT_H)
 # include <stdint.h>
 #elif defined(HAVE_INTTYPES_H)
 # include <inttypes.h>
 #endif
 #ifdef HAVE_STRING_H
 # include <string.h>
 #endif /* HAVE_STRING_H */
@@ -41,6 +46,7 @@
 #include <time.h>
 #include "sudo_compat.h"
 #include "sudo_rand.h"
 #include "pathnames.h"
 #define MKTEMP_FILE	1
@@ -50,80 +56,6 @@
 #define NUM_CHARS	(sizeof(TEMPCHARS) - 1)
 #define MIN_X		6
 #ifndef INT_MAX
 #define INT_MAX	0x7fffffff
 #endif
 #if defined(HAVE_ARC4RANDOM)
 # define RAND()		arc4random()
 # define SEED_T		unsigned int
 #elif defined(HAVE_RANDOM)
 # define RAND()		random()
 # define SRAND(_x)	srandom((_x))
 # define SEED_T		unsigned int
 #elif defined(HAVE_LRAND48)
 # define RAND()		lrand48()
 # define SRAND(_x)	srand48((_x))
 # define SEED_T		long
 #else
 # define RAND()		rand()
 # define SRAND(_x)	srand((_x))
 # define SEED_T		unsigned int
 #endif
 static void
 seed_random(void)
 {
 #ifdef SRAND
 	struct timeval tv;
 	SEED_T seed;
 	int fd;
 # ifdef HAVE_GETENTROPY
 	/* Not really an fd, just has to be -1 on error. */
 	fd = getentropy(&seed, sizeof(seed));
 # else
 	/*
 	 * Seed from /dev/urandom if possible.
 	 */
 	fd = open(_PATH_DEV "urandom", O_RDONLY);
 	if (fd != -1) {
 	    ssize_t nread;
 	    do {
 		nread = read(fd, &seed, sizeof(seed));
 	    } while (nread == -1 && errno == EINTR);
 	    close(fd);
 	    if (nread != (ssize_t)sizeof(seed))
 		fd = -1;
 	}
 # endif /* HAVE_GETENTROPY */
 	/*
 	 * If no /dev/urandom, seed from time of day and process id
 	 * multiplied by small primes.
 	 */
 	if (fd == -1) {
 	    (void) gettimeofday(&tv, NULL);
 	    seed = (tv.tv_sec % 10000) * 523 + tv.tv_usec * 13 +
 		(getpid() % 1000) * 983;
 	}
 	SRAND(seed);
 #endif
 }
 static unsigned int
 get_random(void)
 {
 	static int initialized;
 	if (!initialized) {
 		seed_random();
 		initialized = 1;
 	}
 	return RAND() & 0xffffffff;
 }
 static int
 mktemp_internal(char *path, int slen, int mode)
 {
@@ -153,7 +85,7 @@ mktemp_internal(char *path, int slen, int mode)
 	do {
 		for (cp = start; cp != ep; cp++) {
-			r = get_random() % NUM_CHARS;
+			r = arc4random_uniform(NUM_CHARS);
 			*cp = tempchars[r];
 		}
--- a/plugins/sudoers/Makefile.in
+++ b/plugins/sudoers/Makefile.in
@@ -1284,12 +1284,13 @@ sudo_auth.lo: $(authdir)/sudo_auth.c $(devdir)/def_data.h \
              $(incdir)/sudo_conf.h $(incdir)/sudo_debug.h \
              $(incdir)/sudo_fatal.h $(incdir)/sudo_gettext.h \
              $(incdir)/sudo_plugin.h $(incdir)/sudo_queue.h \
-              $(incdir)/sudo_util.h $(srcdir)/defaults.h $(srcdir)/ins_2001.h \
+              $(incdir)/sudo_rand.h $(incdir)/sudo_util.h $(srcdir)/defaults.h \
-              $(srcdir)/ins_classic.h $(srcdir)/ins_csops.h \
+              $(srcdir)/ins_2001.h $(srcdir)/ins_classic.h \
-              $(srcdir)/ins_goons.h $(srcdir)/ins_python.h $(srcdir)/insults.h \
+              $(srcdir)/ins_csops.h $(srcdir)/ins_goons.h \
-              $(srcdir)/logging.h $(srcdir)/parse.h $(srcdir)/sudo_nss.h \
+              $(srcdir)/ins_python.h $(srcdir)/insults.h $(srcdir)/logging.h \
-              $(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
+              $(srcdir)/parse.h $(srcdir)/sudo_nss.h $(srcdir)/sudoers.h \
-              $(top_builddir)/config.h $(top_builddir)/pathnames.h
+              $(srcdir)/sudoers_debug.h $(top_builddir)/config.h \
              $(top_builddir)/pathnames.h
 	$(LIBTOOL) $(LTFLAGS) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(ASAN_CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(authdir)/sudo_auth.c
 sudo_nss.lo: $(srcdir)/sudo_nss.c $(devdir)/def_data.h \
             $(incdir)/compat/stdbool.h $(incdir)/sudo_compat.h \
--- a/plugins/sudoers/auth/sudo_auth.c
+++ b/plugins/sudoers/auth/sudo_auth.c
@@ -23,6 +23,11 @@
 #include <sys/types.h>
 #include <stdio.h>
 #include <stdlib.h>
 #if defined(HAVE_STDINT_H)
 # include <stdint.h>
 #elif defined(HAVE_INTTYPES_H)
 # include <inttypes.h>
 #endif
 #ifdef HAVE_STRING_H
 # include <string.h>
 #endif /* HAVE_STRING_H */
--- a/plugins/sudoers/insults.h
+++ b/plugins/sudoers/insults.h
@@ -20,6 +20,8 @@
 #if defined(HAL_INSULTS) || defined(GOONS_INSULTS) || defined(CLASSIC_INSULTS) || defined(CSOPS_INSULTS) || defined(PYTHON_INSULTS)
 #include "sudo_rand.h"
 /*
 * Use one or more set of insults as determined by configure
 */
@@ -58,7 +60,7 @@ char *insults[] = {
 /*
 * return a pseudo-random insult.
 */
-#define INSULT		(insults[time(NULL) % NOFINSULTS])
+#define INSULT		(insults[arc4random_uniform(NOFINSULTS)])
 #endif /* HAL_INSULTS || GOONS_INSULTS || CLASSIC_INSULTS || CSOPS_INSULTS || PYTHON_INSULTS */