Newsgroups: php.internals
Subject: Improving mt_rand() seed
From: yohgaki@ohgaki.net (Yasuo Ohgaki)
To: "internals@lists.php.net"
Date: Mon, 16 Jan 2017 16:04:21 +0900

Hi all,

Since I was about to improve uniqid()'s entropy by replacing php_combined_lcg()
with php_random_int(), I spent time checking other places that could be a problem.

mt_rand() is seeded as follows by default.

ext/standard/php_rand.h

#ifdef PHP_WIN32
#define GENERATE_SEED() (((zend_long) (time(0) * GetCurrentProcessId())) ^ ((zend_long) (1000000.0 * php_combined_lcg())))
#else
#define GENERATE_SEED() (((zend_long) (time(0) * getpid())) ^ ((zend_long) (1000000.0 * php_combined_lcg())))
#endif

We know this kind of seed is guessable, i.e. our session id is compromised by this
kind of code. Although it would be rare that the raw mt_rand() value is exposed, a
guessable value is guessable.

I'm going to replace the seeding code with a simple php_random_int() call.

Any comments?

Regards,

--
Yasuo Ohgaki
yohgaki@ohgaki.net