This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

[Bug libc/15813] New: Multiple issues in __gen_tempname


http://sourceware.org/bugzilla/show_bug.cgi?id=15813

            Bug ID: 15813
           Summary: Multiple issues in __gen_tempname
           Product: glibc
           Version: unspecified
            Status: NEW
          Severity: normal
          Priority: P2
         Component: libc
          Assignee: unassigned at sourceware dot org
          Reporter: bugdal at aerifal dot cx
                CC: drepper.fsp at gmail dot com

(1) Access to the static object value is unsynchronized, resulting in undefined
behavior. Undefined behavior is not desirable entropy.

(2) Low-resolution gettimeofday rather than high-resolution clock_gettime is
used as an entropy source.

(3) Entropy is only gathered once per run; subsequent attempts merely add 7777
to value, so that if an attacker can guess the initial temp name that will be
tried, the attacker can also guess all subsequent attempts for the same run.

Proposed solutions:

(1) Make value automatic. There is no value (pardon the pun) to keeping it
between runs.

(2) Use clock_gettime, possibly with multiple clocks (e.g. realtime and
cputime).

(3) Get new entropy on each attempt rather than adding the fixed value 7777.

-- 
You are receiving this mail because:
You are on the CC list for the bug.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]