On 3/14/19 2:43 PM, Philippe Mathieu-Daudé wrote: > On 3/14/19 4:39 PM, Daniel P. Berrangé wrote: >> On Wed, Mar 13, 2019 at 09:55:19PM -0700, Richard Henderson wrote: >>> static void make_challenge(VncState *vs) >>> { >>> - int i; >>> - >>> - srand(time(NULL)+getpid()+getpid()*987654+rand()); >>> - >>> - for (i = 0 ; i < sizeof(vs->challenge) ; i++) >>> - vs->challenge[i] = (int) (256.0*rand()/(RAND_MAX+1.0)); >>> + qcrypto_random_bytes(vs->challenge, sizeof(vs->challenge), >>> &error_fatal); >>> } >> >> Old code would not fail, but the new code can. So make_challenge needs >> to return an error to the caller, which must then drop the client conn. > > Is the old code equivalent to using a NULL errp? > > qcrypto_random_bytes(vs->challenge, sizeof(vs->challenge), NULL);
No, since it doesn't initialize challenge to anything. Daniel is right that I must do more to fail the session. Will be done in v3. r~