New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Crystal::System::Random buffers /dev/urandom #5843
Comments
this fix rand, but not uuid diff --git a/src/random/pcg32.cr b/src/random/pcg32.cr
index 2ad06cfb2..0e97fc78a 100644
--- a/src/random/pcg32.cr
+++ b/src/random/pcg32.cr
@@ -51,7 +51,7 @@ class Random::PCG32
end
def new_seed
- new_seed(Random::Secure.rand(UInt64::MIN..UInt64::MAX), Random::Secure.rand(UInt64::MIN..UInt64::MAX))
+ new_seed(Random::Secure.rand(UInt64::MIN..UInt64::MAX) + Process.pid, Random::Secure.rand(UInt64::MIN..UInt64::MAX))
end
def new_seed(initstate : UInt64, initseq = 0_u64)
|
The bug is that The bug is this assumption:
This is false since |
Not a "wrong" assumption: the docs state numerous times that
The behavior of |
I agree. I'll work on that. |
This is fixed by #5849 (right?) |
Why read buffering causes this behaviour? I can't see the relationship between that and the incorrect behaviour of urandom. |
The problem happens when forking the process. If you read from urandom and have a buffet, you fill the buffer, then have the exact same random sequences in each forked process (because they read from the buffer). It's also a problem to have random data that is yet to be used saved in memory. Never underestimate a motivated attacker :) |
@ysbaddaden Thanks for the explanation! |
You're welcome. Last bit: reading 8KB when all we need are 8 bytes to seed a PRNG, for example, that's a little too much :) |
I see what you did there :-) |
just meet this bug again, now on ubuntu 12.04, crystal 0.26.0 (on osx no bug). |
@kostya can't reproduce using the sample code above using ubuntu 12.04 in docker with crystal 0.26.1 can you try 0.26.1? Does the example still repro or do you need a new example to reproduce on the buggy system? |
|
Reproduced on Ubuntu Trusty. |
@kostya what's |
Linux server 3.2.0-64-generic #97-Ubuntu SMP Wed Jun 4 22:04:21 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux |
ouch, thats an old kernel |
Not reproduced too on my side:
That's definitely linked to a |
@kostya does this still reproduce for you? :) |
I think this is fixed. |
i find this while using https://github.com/kostya/run_with_fork. Crystal in
after_fork_child_callbacks
callsRandom::DEFAULT.new_seed
, but new seed for every fork get from Random::Secure.rand which is also the same for each fork. May be mix some Process.pid into seed?The text was updated successfully, but these errors were encountered: