[FFmpeg-devel] [PATCH] change the order of params for av_init_random()
Stefano Sabatini
stefano.sabatini-lala
Mon Jan 5 17:32:50 CET 2009
On date Monday 2009-01-05 17:00:50 +0100, Michael Niedermayer encoded:
> On Mon, Jan 05, 2009 at 02:44:34AM +0100, Stefano Sabatini wrote:
> [...]
> > Index: ffmpeg/ffserver.c
> > ===================================================================
> > --- ffmpeg.orig/ffserver.c 2009-01-05 02:40:48.000000000 +0100
> > +++ ffmpeg/ffserver.c 2009-01-05 02:41:00.000000000 +0100
> > @@ -4483,7 +4483,7 @@
> >
> > unsetenv("http_proxy"); /* Kill the http_proxy */
> >
> > - av_init_random(av_gettime() + (getpid() << 16), &random_state);
> > + av_random_init(&random_state, av_gettime() + (getpid() << 16));
> >
> > memset(&sigact, 0, sizeof(sigact));
> > sigact.sa_handler = handle_child_exit;
>
> do we really have to export the pid and starttime to an attacker?
Would be this more acceptable?
Regards.
--
FFmpeg = Foolish Frightening Marvellous Patchable Enhanced Gargoyle
-------------- next part --------------
A non-text attachment was scrubbed...
Name: attack-proof-ffserver.patch
Type: text/x-diff
Size: 681 bytes
Desc: not available
URL: <http://lists.mplayerhq.hu/pipermail/ffmpeg-devel/attachments/20090105/f0151616/attachment.patch>
More information about the ffmpeg-devel
mailing list