diff options
-rw-r--r-- | CHANGES | 4 | ||||
-rw-r--r-- | lib/easy.c | 5 | ||||
-rw-r--r-- | lib/formdata.c | 35 | ||||
-rw-r--r-- | lib/formdata.h | 3 |
4 files changed, 42 insertions, 5 deletions
@@ -6,6 +6,10 @@ Changelog +Patrick Monnerat (15 Jun 2009) +- Replaced use of standard C library rand()/srand() by our own pseudo-random + number generator. + Yang Tse (11 Jun 2009) - I adapted testcurl script to allow building test harness programs when cross-compiling for a *-*-mingw* host. diff --git a/lib/easy.c b/lib/easy.c index 70aa5a097..10b1bd3ee 100644 --- a/lib/easy.c +++ b/lib/easy.c @@ -85,6 +85,7 @@ #include "http_ntlm.h" #include "connect.h" /* for Curl_getconnectinfo */ #include "slist.h" +#include "formdata.h" /* For Curl_srand(). */ #define _MPRINTF_REPLACE /* use our functions only */ #include <curl/mprintf.h> @@ -289,6 +290,10 @@ CURLcode curl_global_init(long flags) init_flags = flags; + /* Preset pseudo-random number sequence. */ + + Curl_srand(); + return CURLE_OK; } diff --git a/lib/formdata.c b/lib/formdata.c index f2a4892bf..8538e9f91 100644 --- a/lib/formdata.c +++ b/lib/formdata.c @@ -108,6 +108,12 @@ Content-Disposition: form-data; name="FILECONTENT" /* Length of the random boundary string. */ #define BOUNDARY_LENGTH 40 +/* Private pseudo-random number seed. Unsigned integer >= 32bit. Threads + mutual exclusion is not implemented to acess it since we do not require + high quality random numbers (only used in form boudary generation). */ + +static unsigned int randseed; + #if !defined(CURL_DISABLE_HTTP) || defined(USE_SSLEAY) #include <stdio.h> @@ -1597,6 +1603,8 @@ int main(int argc, argv_item_t argv[]) (void) argc; (void) argv; + Curl_srand(); /* Because we do not call curl_global_init() here. */ + if(FormAddTest("simple COPYCONTENTS test", &httppost, &last_post, CURLFORM_COPYNAME, name1, CURLFORM_COPYCONTENTS, value1, CURLFORM_END)) @@ -1733,8 +1741,6 @@ void curl_formfree(struct curl_httppost *form) char *Curl_FormBoundary(void) { char *retstring; - static int randomizer; /* this is just so that two boundaries within - the same form won't be identical */ size_t i; static const char table16[]="0123456789abcdef"; @@ -1744,12 +1750,10 @@ char *Curl_FormBoundary(void) if(!retstring) return NULL; /* failed */ - srand((unsigned int)time(NULL)+randomizer++); /* seed */ - strcpy(retstring, "----------------------------"); for(i=strlen(retstring); i<BOUNDARY_LENGTH; i++) - retstring[i] = table16[rand()%16]; + retstring[i] = table16[Curl_rand()%16]; /* 28 dashes and 12 hexadecimal digits makes 12^16 (184884258895036416) combinations */ @@ -1759,3 +1763,24 @@ char *Curl_FormBoundary(void) } #endif /* !defined(CURL_DISABLE_HTTP) || defined(USE_SSLEAY) */ + +/* Pseudo-random number support. This is always enabled, since called from + curl_global_init(). */ + +unsigned int Curl_rand(void) +{ + unsigned int r; + /* Return an unsigned 32-bit pseudo-random number. */ + r = randseed = randseed * 1103515245 + 12345; + return (r << 16) | ((r >> 16) & 0xFFFF); +} + +void Curl_srand(void) +{ + /* Randomize pseudo-random number sequence. */ + + randseed = (unsigned int) time(NULL); + Curl_rand(); + Curl_rand(); + Curl_rand(); +} diff --git a/lib/formdata.h b/lib/formdata.h index 04f139322..0d9400a15 100644 --- a/lib/formdata.h +++ b/lib/formdata.h @@ -97,5 +97,8 @@ void Curl_formclean(struct FormData **); CURLcode Curl_formconvert(struct SessionHandle *, struct FormData *); +void Curl_srand(void); +unsigned int Curl_rand(void); + #endif |