Hi,

json-c has some... peculiarities, such as how it seeds the random number
generator for its hashing function.

https://github.com/json-c/json-c/blob/master/random_seed.c

I'm not sure how responsive the project is, hence posting here, but the
existing code causes /dev/urandom to be touched, which makes the library
not fit well within pledge; and if in a chroot and failing that instead
of getting killed, has a horrible fall-back.

Enclosed is a patch that uses arc4random as the only choice.  I guess it
should be in a fancy autoconf thing, but this is a bit more direct.  The
patch is off 0.12, which is in ports, and not the GH version.

Best,

Kristaps
--- ../json-c-0.12/random_seed.c        Fri Apr 11 02:41:08 2014
+++ random_seed.c       Tue May  3 21:34:38 2016
@@ -224,6 +224,7 @@
 
 int json_c_get_random_seed()
 {
+    return(arc4random());
 #if HAVE_RDRAND
     if (has_rdrand()) return get_rdrand_seed();
 #endif
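Review bot: The unconditional `return(arc4random());` at the top of json_c_get_random_seed() makes the rest of the function unreachable, starting with the `#if HAVE_RDRAND` block shown in the context lines. The old seeding paths therefore stay in the file as dead code, and the build breaks on any platform without arc4random. Either remove the remaining body in the same patch, or guard the early return with a configure-time macro (a hypothetical HAVE_ARC4RANDOM, which this patch does not define) so the intent is explicit. Separately, arc4random() returns uint32_t while the function returns int; writing `return (int)arc4random();` would make the conversion deliberate. It is also worth confirming that <stdlib.h> is included in this file for the prototype, since the hunk does not show the include list.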
