On 04/08/2017 04:05 PM, Adam Chlipala wrote:
On 04/06/2017 06:22 PM, Benjamin Barenblat wrote:
The fact that `rand` returns -1 on failure, however, is a bit scary.
That sounds like a CVE waiting to happen – people aren’t going to
check the result code from `rand`. Adam, how would you feel about it
returning an `option` or throwing an application error if it fails?
Raising an error seems like a reasonable idea. It could signal to
snooping parties that we ran out of entropy, but I hope that isn't
such a serious leak. Any other strong opinions from people watching
the list?
OK, absent other opinions, I implemented raising an error.
_______________________________________________
Ur mailing list
[email protected]
http://www.impredicative.com/cgi-bin/mailman/listinfo/ur
