[Bug 230792] sort -R, --random-source issues
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Thu Apr 11 05:09:34 UTC 2019
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=230792
--- Comment #4 from commit-hook at freebsd.org ---
A commit references this bug:
Author: cem
Date: Thu Apr 11 05:08:50 UTC 2019
New revision: 346116
URL: https://svnweb.freebsd.org/changeset/base/346116
Log:
sort(1): Simplify and bound random seeding
Bound input file processing length to avoid the issue reported in [1]. For
simplicity, only allow regular file and character device inputs. For
character devices, only allow /dev/random (and /dev/urandom symblink).
32 bytes of random is perfectly sufficient to seed MD5; we don't need any
more. Users that want to use large files as seeds are encouraged to truncate
those files down to an appropriate input file via tools like sha256(1).
(This does not change the sort algorithm of sort -R.)
[1]:
https://lists.freebsd.org/pipermail/freebsd-hackers/2018-August/053152.html
PR: 230792
Reported by: Ali Abdallah <aliovx AT gmail.com>
Relnotes: yes
Changes:
head/usr.bin/sort/sort.c
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-bugs
mailing list