shorten comments for pr #390
This commit is contained in:
Daan
parent
48996ff449
commit
0e851de2ba
38
src/random.c
38
src/random.c
@ -160,7 +160,7 @@ uintptr_t _mi_random_next(mi_random_ctx_t* ctx) {
|
||||
/* ----------------------------------------------------------------------------
|
||||
To initialize a fresh random context we rely on the OS:
|
||||
- Windows : BCryptGenRandom (or RtlGenRandom)
|
||||
- macOS : CCRandomGenerateBytes
|
||||
- macOS : CCRandomGenerateBytes, arc4random_buf
|
||||
- bsd,wasi : arc4random_buf
|
||||
- Linux : getrandom,/dev/urandom
|
||||
If we cannot get good randomness, we fall back to weak randomness based on a timer and ASLR.
|
||||
@ -194,34 +194,22 @@ static bool os_random_buf(void* buf, size_t buf_len) {
|
||||
|
||||
#elif defined(__APPLE__)
|
||||
#include <AvailabilityMacros.h>
|
||||
#if defined(MAC_OS_X_VERSION_10_10) && \
|
||||
MAC_OS_X_VERSION_MAX_ALLOWED >= MAC_OS_X_VERSION_10_10
|
||||
#if defined(MAC_OS_X_VERSION_10_10) && MAC_OS_X_VERSION_MAX_ALLOWED >= MAC_OS_X_VERSION_10_10
|
||||
#include <CommonCrypto/CommonRandom.h>
|
||||
#endif
|
||||
static bool os_random_buf(void* buf, size_t buf_len) {
|
||||
/* The implementation of arc4random_buf(3) differs from its documentation.
|
||||
* It is documented as "always successful, and no return value is reserved
|
||||
* to indicate an error." However, the actual implementation invokes the
|
||||
* function "ccrng_generate" without validating the error cases. It might
|
||||
* fail silently, which leads to unexpected source of entropy.
|
||||
* See:
|
||||
* https://opensource.apple.com/source/Libc/Libc-1439.40.11/gen/FreeBSD/arc4random.c.auto.html
|
||||
*
|
||||
* CCRandomGenerateBytes(), on the contrary, returns cryptographically strong
|
||||
* random bits with explicit status code.
|
||||
*/
|
||||
#if defined(MAC_OS_X_VERSION_10_15) && \
|
||||
MAC_OS_X_VERSION_MAX_ALLOWED >= MAC_OS_X_VERSION_10_15
|
||||
return CCRandomGenerateBytes(buf, buf_len) == kCCSuccess;
|
||||
#else
|
||||
/* Prior to macOS 10.15, CCRandomGenerateBytes() might take a bit longer time
|
||||
* to complete, so failback to arc4random_buf().
|
||||
*/
|
||||
arc4random_buf(buf, buf_len);
|
||||
return true;
|
||||
#endif
|
||||
#if defined(MAC_OS_X_VERSION_10_15) && MAC_OS_X_VERSION_MAX_ALLOWED >= MAC_OS_X_VERSION_10_15
|
||||
// We prefere CCRandomGenerateBytes as it returns an error code while arc4random_buf
|
||||
// may fail silently on macOS. See PR #390, and <https://opensource.apple.com/source/Libc/Libc-1439.40.11/gen/FreeBSD/arc4random.c.auto.html>
|
||||
return (CCRandomGenerateBytes(buf, buf_len) == kCCSuccess);
|
||||
#else
|
||||
// fall back on older macOS
|
||||
arc4random_buf(buf, buf_len);
|
||||
return true;
|
||||
#endif
|
||||
}
|
||||
#elif defined(ANDROID) || defined(__DragonFly__) || \
|
||||
|
||||
#elif defined(__ANDROID__) || defined(__DragonFly__) || \
|
||||
defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__) || \
|
||||
defined(__sun) // todo: what to use with __wasi__?
|
||||
#include <stdlib.h>
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user