From 6126f7a53c57485a9a29ddd772765695f23c92e6 Mon Sep 17 00:00:00 2001
From: Petr Uzel
Date: Thu, 3 May 2012 21:02:01 +0200
Subject: libuuid: avoid double open and leaking descriptor

We are opening /dev/urandom twice in uuid_generate(): first to check if
the file is available and then later __uuid_generate_random() again to
actually get the random data. Moreover, descriptor from the first open
is leaking.

Fix by passign the descriptor down the stack and reusing it there.

References: http://marc.info/?l=util-linux-ng&m=133406051131131&w=2

Signed-off-by: Petr Uzel <petr.uzel@suse.cz>
---
 lib/randutils.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

(limited to 'lib/randutils.c')

diff --git a/lib/randutils.c b/lib/randutils.c
index b90c88691..0513798a0 100644
--- a/lib/randutils.c
+++ b/lib/randutils.c
@@ -58,13 +58,15 @@ int random_get_fd(void)
  * Use /dev/urandom if possible, and if not,
  * use glibc pseudo-random functions.
  */
-void random_get_bytes(void *buf, size_t nbytes)
+void random_get_bytes(void *buf, size_t nbytes, int fd)
 {
 	size_t i, n = nbytes;
-	int fd = random_get_fd();
 	int lose_counter = 0;
 	unsigned char *cp = (unsigned char *) buf;
 
+	if (fd < 0)
+		fd = random_get_fd();
+
 	if (fd >= 0) {
 		while (n > 0) {
 			ssize_t x = read(fd, cp, n);
@@ -111,7 +113,7 @@ int main(int argc, char *argv[])
 
 	/* generate and print 10 random numbers */
 	for (i = 0; i < 10; i++) {
-		random_get_bytes(&v, sizeof(v));
+		random_get_bytes(&v, sizeof(v), -1);
 		printf("%d\n", v);
 	}
 
-- 
cgit v1.2.3-55-g7522