This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: Why is getentropy marked with warn_unused_result?

From: Paul Pluzhnikov <ppluzhnikov at google dot com>
To: Florian Bruhin <me at the-compiler dot org>
Cc: GLIBC Devel <libc-alpha at sourceware dot org>
Date: Sat, 22 Jul 2017 16:12:00 -0700
Subject: Re: Why is getentropy marked with warn_unused_result?
Authentication-results: sourceware.org; auth=none
References: <20170722211442.wmqbkjsw4t6rd4i3@hooch.localdomain>

On Sat, Jul 22, 2017 at 2:14 PM, Florian Bruhin <me@the-compiler.org> wrote:

> Why is that, since it shouldn't fail under normal circumstances (at
> least that's what Qt's sources claim)?

If you didn't check the return value, how would you ever know whether
you got entropy or not?

The fact that something doesn't fail under normal conditions doesn't
absolve you from the need to check for abnormal conditions, especially
when dealing with random data that is likely to be used for crypto.

-- 
Paul Pluzhnikov

Follow-Ups:
- Re: Why is getentropy marked with warn_unused_result?
  - From: Florian Weimer

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]