Comments (7)
JohnoKing
commented on September 28, 2024
1
It has been reported to the Cygwin mailing list: https://cygwin.com/pipermail/cygwin/2024-January/255245.html
from ksh.
McDutchie
commented on September 28, 2024
1
@JohnoKing, could you test this patch on Cygwin? Thanks!
diff --git a/src/lib/libast/features/random b/src/lib/libast/features/random
index 459cde022..11e7d633c 100644
--- a/src/lib/libast/features/random
+++ b/src/lib/libast/features/random
@@ -19,3 +19,59 @@ tst note{ does the system have a source of secure randomness }end run{
00000) exit 1 ;; # result: "no"
esac
}end
+
+# test for bug in Cygwin < 3.5
+# https://cygwin.com/pipermail/cygwin/2024-January/255245.html
+# https://github.com/ksh93/ksh/issues/711
+tst note{ does arc4random(3) become predictable after forking }end output{
+ #include <fcntl.h>
+ #include <stdlib.h>
+ #include <string.h>
+ #include <unistd.h>
+ #include <sys/wait.h>
+ #define PATHSIZE 1024
+ int main(int argc, char** argv)
+ {
+ char file[PATHSIZE], *t = file, *f = argv[0];
+ int fd, result;
+ pid_t child;
+ uint32_t r[3], r2[3];
+ /* create data file */
+ while (*t = *f++ && t < &file[PATHSIZE-4])
+ t++;
+ *t++ = '.', *t++ = 'D', *t = 0;
+ if ((fd = open(file, O_CREAT|O_TRUNC|O_WRONLY, 0666)) < 0)
+ return 128;
+ /* get arc4random() data from fork */
+ child = fork();
+ if (child == -1)
+ return close(fd), remove(file), 128;
+ else if (child == 0)
+ {
+ r[0] = arc4random(), r[1] = arc4random(), r[2] = arc4random();
+ write(fd, r, sizeof r);
+ return 0;
+ }
+ waitpid(child, NULL, 0);
+ close(fd);
+ /* get arc4random() data from main */
+ r[0] = arc4random(), r[1] = arc4random(), r[2] = arc4random();
+ /* compare */
+ if ((fd = open(file, O_RDWR)) < 0)
+ return remove(file), 128;
+ result = read(fd, r2, sizeof r);
+ close(fd);
+ remove(file);
+ if (result != sizeof r)
+ return 128;
+ result = !memcmp(r, r2, sizeof r);
+ if(result)
+ {
+ printf("/* native arc4random(3) broken on this system */\n");
+ printf("#undef _lib_arc4random\n");
+ printf("#undef _lib_arc4random_buf\n");
+ printf("#undef _lib_arc4random_uniform\n");
+ }
+ return !result;
+ }
+}endfrom ksh.
JohnoKing
commented on September 28, 2024
1
I have confirmed that the patch works as expected on Cygwin 3.4.10.
from ksh.
McDutchie
commented on September 28, 2024
Well, that's atrocious. But this is really Cygwin's bug and should be reported to them, right?
In the meantime we could block Cygwin and use the implementation we ship instead; not trusting their implementation by default seems like good policy at this point.
But won't we get into a name conflict with the OS-shipped version then? We may need to add some macro voodoo to src/lib/libast/features/map.c.
from ksh.
JohnoKing
commented on September 28, 2024
This bug has been fixed upstream in Cygwin commit 030a7625. That fix is only set to be released with Cygwin 3.5 (which drops Win7/8 support), so a feature test for older versions of Cygwin should still be added.
from ksh.
McDutchie
commented on September 28, 2024
Congrats on getting it fixed. :-)
Yes, I'll try to turn your reproducer into a feature test.
from ksh.
McDutchie
commented on September 28, 2024
Briliant, thanks!
from ksh.
Related Issues (20)
- ksh93's printf(1) builtin somehow turns "\x20" (space character in UTF-8) into garbage HOT 10
- Syntax error in arithmetic command crashes ksh HOT 11
- ksh dev@3b33b438 fails signal regression test on macOS 13.6.7 Intel and ARM HOT 3
- [question] should "printf -v%s x" print "-vx" ? HOT 1
- Division by negative numbers returns "division by zero" HOT 10
- Shell arithmetic is broken for integer values beyond the system's maximum float precision HOT 5
- ksh dev@4467eaff does not build on macOS Intel/ARM 13.6.8 HOT 8
- command substitution here-doc syntax error not entered in history HOT 1
- Issue with ksh93 on OpenBSD HOT 16
- Migrate code to C99 HOT 1
- Build failures: musl and glibc-2.33 HOT 2
- Syntax error leaves ksh stuck HOT 5
- jobs started inside a loop have the full loop text as their command line HOT 2
- Assignment of -0 in arithmetic expansion doesn't remove negative sign HOT 1
- Setting TMOUT in an optimized-away subshell removes the variable's special meaning
- TMOUT applies to 'read' from a non-terminal
- Regression: Double redirection in command substitution causes shell hang
- Update html docs to include documentation about the newer features
- SHOPT_EDPREDICT is broken & no def for CURSOR_UP, ERASE_EOS and pr_string
- Regression: ksh segfaults when unsetting SHLVL then exec'ing HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ksh.