@@ -93,7 +93,8 @@ emulator_btvirt_SOURCES = emulator/main.c monitor/bt.h \
emulator/phy.h emulator/phy.c \
emulator/amp.h emulator/amp.c \
emulator/le.h emulator/le.c
-emulator_btvirt_LDADD = lib/libbluetooth-internal.la src/libshared-mainloop.la
+emulator_btvirt_LDADD = lib/libbluetooth-internal.la src/libshared-mainloop.la \
+ src/libshared-ell.la $(ell_ldadd)
emulator_b1ee_SOURCES = emulator/b1ee.c
emulator_b1ee_LDADD = src/libshared-mainloop.la
@@ -21,6 +21,7 @@
#include <sys/un.h>
#include <sys/uio.h>
#include <time.h>
+#include <ell/ell.h>
#include "lib/bluetooth.h"
#include "lib/hci.h"
@@ -506,8 +507,7 @@ static unsigned int get_adv_delay(void)
/* The advertising delay is a pseudo-random value with a range
* of 0 ms to 10 ms generated for each advertising event.
*/
- srand(time(NULL));
- return (rand() % 11);
+ return (l_getrandom_uint32() % 11);
}
static void adv_timeout_callback(int id, void *user_data)
@@ -22,6 +22,7 @@
#include <netinet/in.h>
#include <netinet/ip.h>
#include <time.h>
+#include <ell/ell.h>
#include "src/shared/util.h"
#include "src/shared/mainloop.h"
@@ -152,6 +153,7 @@ static int create_tx_socket(void)
struct bt_phy *bt_phy_new(void)
{
struct bt_phy *phy;
+ uint64_t phy_id;
phy = calloc(1, sizeof(*phy));
if (!phy)
@@ -173,8 +175,8 @@ struct bt_phy *bt_phy_new(void)
mainloop_add_fd(phy->rx_fd, EPOLLIN, phy_rx_callback, phy, NULL);
if (!get_random_bytes(&phy->id, sizeof(phy->id))) {
- srandom(time(NULL));
- phy->id = random();
+ l_getrandom(&phy_id, sizeof(phy_id));
+ phy->id = phy_id;
}
bt_phy_send(phy, BT_PHY_PKT_NULL, NULL, 0);
From: Tedd Ho-Jeong An <tedd.an@intel.com> This patch replaces the rand() function to the l_getrandom() from ELL, which uses the getrandom() system call. It was reported by the Coverity scan rand() should not be used for security-related applications, because linear congruential algorithms are too easy to break --- Makefile.tools | 3 ++- emulator/le.c | 4 ++-- emulator/phy.c | 6 ++++-- 3 files changed, 8 insertions(+), 5 deletions(-)