[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

libc6: fread(buf, 1, 1) from urandom consumes 4096 bytes of entropy

Hello Jonathan!

On Wednesday 03 August 2011, Jonathan Nieder wrote:
> Philipp Marek wrote:
> > I think that on sockets, pipes, character devices, and similar there
> > should be _no_ readahead.
> On the contrary, on sockets and pipes, readahead is very useful.
> Luckily buffering there works a little closer to what you would expect
> --- read() returns early with what is available and fgetc happily
> makes use of the result without reading again.
Sorry, I did not make myself clear.

If there are multiple programs accessing the handle it's _vital_ for 
sockets, cdevs and pipes that only the needed amount is read; files and 
block devices can be seek()ed, but data read from one stream is _lost_ for 
everybody else!

Think about a process reading authentication information, then starting a 
different program for handling the stream (authenticated inetd, if you 
like); if the fread() got more than just the authentication information, the 
other process will not get the handshake!

I believe that fgetc() and fgets() shouldn't do prefetching on file handles 
with "volatile" data.

> So I agree with Petr on this one.  How about this patch?  It will also
> help on every other unix supporting /dev/random I know of.
Well, ECL is fixed in that a different fix is already in git, but thank you 

Reply to: