Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

use rand's SmallRng for random number generation #141

Merged
merged 2 commits into from
Apr 9, 2021
Merged

use rand's SmallRng for random number generation #141

merged 2 commits into from
Apr 9, 2021

Conversation

mcginty
Copy link
Contributor

@mcginty mcginty commented Mar 24, 2021

#119 seems to have not been updated, so here's another take at it, trying to keep the diff as small as possible.

This approach stores a SmallRng as a thread-local variable, basically directly copying the way rand does its own thread_rng() so as to avoid any issues or incompatibilities.

I opted not to further change the way that the OsString is built since that feels like it may be better in another PR.

Stebalien
Stebalien requested changes Mar 25, 2021
View reviewed changes
Copy link
Owner

@Stebalien Stebalien left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

One small nit, but otherwise LGTM.

src/util.rs Outdated
use std::{io, str};

use crate::error::IoResultExt;

thread_local! {
static THREAD_RNG_KEY: Rc<UnsafeCell<SmallRng>> = Rc::new(UnsafeCell::new(SmallRng::from_entropy()));
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We can drop the Rc, right? Just use THREAD_RNG_KEY.with(|rng| use rng...).

@Stebalien Stebalien merged commit c361acc into Stebalien:master Apr 9, 2021
@Stebalien Stebalien mentioned this pull request Apr 9, 2021
Closed
@mcginty
Copy link
Contributor Author

mcginty commented Apr 10, 2021

@Stebalien sorry I totally spaced on getting those changes in, thanks so much for merging!

@joshuarli joshuarli mentioned this pull request May 15, 2021
Closed
@Minoru Minoru mentioned this pull request May 16, 2021
Closed
@Minoru Minoru mentioned this pull request Jul 15, 2021
Merged
ironhaven added a commit to ironhaven/tempfile that referenced this pull request Nov 20, 2021
@ironhaven
Remove unsafe code from tmpname
3335d1b 
This patch does two things

1. Reverts Stebalien#141 by removing handspun SmallRng thread_rng that used unsafe
   *note Was it a security vulnerability to use a non CSPRNG for tempfiles?
2. Replace use of str::from_utf8_unchecked with char::encode_utf8
   Examining the assembly shows no panics generated from encode_utf8

The only functional differences of this patch is replacing SmallRng with
a slightly slower RNG and purging unsafe code from a module
@ironhaven ironhaven mentioned this pull request Nov 20, 2021
Closed
@vks vks mentioned this pull request Apr 30, 2022
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Stebalien Stebalien Stebalien approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@mcginty @Stebalien