[FFmpeg-devel] [PATCH] change the order of params for av_init_random()
Baptiste Coudurier
baptiste.coudurier
Mon Jan 5 22:30:40 CET 2009
Hi,
Michael Niedermayer wrote:
> On Mon, Jan 05, 2009 at 05:32:50PM +0100, Stefano Sabatini wrote:
>> On date Monday 2009-01-05 17:00:50 +0100, Michael Niedermayer
>> encoded:
>>> On Mon, Jan 05, 2009 at 02:44:34AM +0100, Stefano Sabatini wrote:
>>> [...]
>>>> Index: ffmpeg/ffserver.c
>>>> ===================================================================
>>>> --- ffmpeg.orig/ffserver.c 2009-01-05 02:40:48.000000000 +0100
>>>> +++ ffmpeg/ffserver.c 2009-01-05 02:41:00.000000000 +0100 @@
>>>> -4483,7 +4483,7 @@
>>>>
>>>> unsetenv("http_proxy"); /* Kill the http_proxy */
>>>>
>>>> - av_init_random(av_gettime() + (getpid() << 16),
>>>> &random_state); + av_random_init(&random_state, av_gettime()
>>>> + (getpid() << 16));
>>>>
>>>> memset(&sigact, 0, sizeof(sigact)); sigact.sa_handler =
>>>> handle_child_exit;
>>> do we really have to export the pid and starttime to an attacker?
>>>
>> Would be this more acceptable?
>
> open /dev/random/ read into the seed if either fails use 0. thats
> IMHO ... iam not ffserver maintainer, and dont even know why ffserver
> needs random numbers.
Apparently ffserver needs random data for RTSP/RTP session id. Not
really sure if random is really needed, more probably unique number,
IIRC this was discussed before but Im not RTSP/RTP expert.
--
Baptiste COUDURIER GnuPG Key Id: 0x5C1ABAAA
Key fingerprint 8D77134D20CC9220201FC5DB0AC9325C5C1ABAAA
checking for life_signs in -lkenny... no
More information about the ffmpeg-devel
mailing list