
[Libevent-users] arc4random_addrandom



This does not quite look right:

ARC4RANDOM_EXPORT void
arc4random_addrandom(const unsigned char *dat, int datlen)
{
    int j;
    _ARC4_LOCK();
    if (!rs_initialized)
        arc4_stir();
    for (j = 0; j < datlen; j += 256) {
        /* arc4_addrandom() ignores all but the first 256 bytes of
         * its input.  We want to make sure to look at ALL the
         * data in 'dat', just in case the user is doing something
         * crazy like passing us all the files in /var/log. */
        arc4_addrandom(dat + j, datlen - j);
    }
    _ARC4_UNLOCK();
}

It looks like it's an O(n^2) algorithm, and it could be painful if all
the data in /var/log is passed in.

Iter 0:
   data + 0, datalen - 0
Iter 1:
   data + 256, datalen - 256
Iter 2:
   data + 512, datalen - 512
...

Pictorially, I think it's:

    ****************
        ************
            ********
                 ...

It feels like it should be:

    k = min(256, datlen - j);
    arc4_addrandom(dat + j, k);

Jeff
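
An added example, not part of the original post and not libevent's code: it runs the loop as quoted and the loop with the suggested k = min(256, datlen - j) over the same constructed input, then compares the lengths handed to the callee and the resulting cipher state. The mix() function, the rc4_state struct and the sample bytes are assumptions; mix() is a stand-in RC4 key-schedule pass that reads at most the first 256 bytes of its input, which is what the comment in the quoted function says arc4_addrandom() does.

```c
#include <stdio.h>
#include <string.h>

/* Stand-in cipher state; every name here is hypothetical, not libevent's. */
struct rc4_state { unsigned char i, j, s[256]; };
static struct rc4_state last;            /* state left by the latest run() */

/* Assumed mixer: one RC4 key-schedule pass that reads at most the first
 * 256 bytes of dat, as the comment in the quoted function describes. */
static void mix(struct rc4_state *st, const unsigned char *dat, int datlen) {
    st->i--;
    for (int n = 0; n < 256; n++) {
        st->i++;
        unsigned char si = st->s[st->i];
        st->j = (unsigned char)(st->j + si + dat[n % datlen]);
        st->s[st->i] = st->s[st->j];
        st->s[st->j] = si;
    }
    st->j = st->i;
}

/* clamp == 0: loop as quoted; clamp != 0: k = min(256, datlen - j).
 * Returns the sum of the lengths handed to mix(). */
static unsigned long run(int datlen, int clamp) {
    static unsigned char buf[4096];      /* constructed sample input */
    unsigned long advertised = 0;
    if (datlen > 4096) datlen = 4096;    /* stay inside the sample buffer */
    for (int n = 0; n < 256; n++) last.s[n] = (unsigned char)n;
    last.i = last.j = 0;
    for (int n = 0; n < datlen; n++) buf[n] = (unsigned char)(n * 31 + 7);
    for (int j = 0; j < datlen; j += 256) {
        int k = datlen - j;
        if (clamp && k > 256) k = 256;
        mix(&last, buf + j, k);
        advertised += (unsigned long)k;
    }
    return advertised;
}

/* 1 when both loops leave byte-identical state for this input length. */
static int same_state(int datlen) {
    run(datlen, 0);
    struct rc4_state quoted = last;
    run(datlen, 1);
    return memcmp(&quoted, &last, sizeof last) == 0;
}

int main(void) {
    printf("quoted=%lu clamped=%lu same_state=%d\n",
           run(1000, 0), run(1000, 1), same_state(1000));
    return 0;
}
```

With this stand-in the clamped loop hands the callee exactly datlen bytes in total, while the quoted loop hands it the overlapping tails drawn in the picture above; the final state is the same either way because the callee never reads past byte 255 of each chunk.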