util-random: workaround getrandom unavailability

getrandom syscall availability is detected at runtime. So it is possible that the build is done on a box that supports it but the run is done on a system with no availability. So a workaround solution is needed to fix this case. Also we have seen some issue in docker environment where the build is detecting getrandom but where it does not work at runtime. For both reasons, the code is updated to have a call to a fallback function if ever the getrandom call returns that the syscall is not available.
7 years ago · 851efd9c60
parent d73b5ee276
commit 851efd9c60
1 changed files with 36 additions and 13 deletions
--- a/src/util-random.c
+++ b/src/util-random.c
@ -27,6 +27,33 @@
 #include "suricata-common.h"
 #include "util-random.h"

+#if defined(HAVE_CLOCK_GETTIME)
+
+static long int RandomGetClock(void)
+{
+    struct timespec ts;
+    clock_gettime(CLOCK_REALTIME, &ts);
+
+    srandom(ts.tv_nsec ^ ts.tv_sec);
+    long int value = random();
+    return value;
+}
+
+#elif !(defined(HAVE_WINCRYPT_H) &&  defined(OS_WIN32))
+
+static long int RandomGetPosix(void)
+{
+    struct timeval tv;
+    memset(&tv, 0, sizeof(tv));
+    gettimeofday(&tv, NULL);
+
+    srandom(tv.tv_usec ^ tv.tv_sec);
+    long int value = random();
+    return value;
+}
+
+#endif
+
 #if defined(HAVE_WINCRYPT_H) && defined(OS_WIN32)
 #include <wincrypt.h>

@ -62,6 +89,13 @@ long int RandomGet(void)
    /* ret should be sizeof(value), but if it is > 0 and < sizeof(value)
     * it's still better than nothing so we return what we have */
    if (ret <= 0) {
+        if (ret == -ENOSYS) {
+#if defined(HAVE_CLOCK_GETTIME)
+            return RandomGetClock();
+#else
+            return RandomGetPosix();
+#endif
+        }
        return -1;
    }
    return value;
@ -72,12 +106,7 @@ long int RandomGet(void)
    if (g_disable_randomness)
        return 0;

-    struct timespec ts;
-    clock_gettime(CLOCK_REALTIME, &ts);
-
-    srandom(ts.tv_nsec ^ ts.tv_sec);
-    long int value = random();
-    return value;
+    return RandomGetClock();
 }
 #else
 long int RandomGet(void)
@ -85,12 +114,6 @@ long int RandomGet(void)
    if (g_disable_randomness)
        return 0;

-    struct timeval tv;
-    memset(&tv, 0, sizeof(tv));
-    gettimeofday(&tv, NULL);
-
-    srandom(tv.tv_usec ^ tv.tv_sec);
-    long int value = random();
-    return value;
+    return RandomGetPosix();
 }
 #endif