[GHC] #10940: Random number chosen by openTempFile is always 1804289383846930886
GHC
ghc-devs at haskell.org
Wed Oct 7 10:16:06 UTC 2015
#10940: Random number chosen by openTempFile is always 1804289383846930886
-------------------------------------+-------------------------------------
        Reporter:  andersk           |             Owner:
            Type:  bug               |            Status:  new
        Priority:  normal            |         Milestone:
       Component:  libraries/base    |           Version:  7.10.2
        Keywords:                    |  Operating System:  Linux
    Architecture:  Unknown/Multiple  |   Type of failure:  Incorrect result at runtime
       Test Case:                    |        Blocked By:
        Blocking:                    |   Related Tickets:
Differential Rev(s):                 |
-------------------------------------+-------------------------------------
{{{#!hs
import System.Directory
import System.IO

main :: IO ()
main = do
  -- Empty template: the file name is just the generated number.
  (p, _) <- openTempFile "/tmp" ""
  print p
  removeFile p
}}}
{{{#!console
$ runghc temp.hs
"/tmp/1804289383846930886"
$ runghc temp.hs
"/tmp/1804289383846930886"
$ runghc temp.hs
"/tmp/1804289383846930886"
$ runghc temp.hs
"/tmp/1804289383846930886"
}}}
This “random” number is the concatenation of the first two numbers
1804289383, 846930886 returned by glibc’s `rand()` when not seeded (or
seeded with 1).
This is not immediately a library security bug, I think: the file is
created with `O_EXCL`, and if it already exists, `openTempFile` will move
on to the next value 16816927771714636915, and so on. However, the
predictable filenames make a potential application security bug that much
more likely.
(For your amusement, [https://www.google.com/search?q=1804289383846930886
Google 1804289383846930886].)
--
Ticket URL: <http://ghc.haskell.org/trac/ghc/ticket/10940>
GHC <http://www.haskell.org/ghc/>
The Glasgow Haskell Compiler
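
The `O_EXCL` fallback the report describes, as an added C example that is not part of the original ticket or of GHC's code: names are built from two consecutive `rand()` results, and when a file already exists at the first predictable name, exclusive creation fails with `EEXIST` and the next candidate is used. `next_name`, `open_temp_excl`, `demo_collision` and the `/tmp/t10940-demo` directory are hypothetical names chosen for this sketch.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper (not GHC's code): two rand() results back to back. */
static void next_name(const char *dir, char *out, size_t n) {
    int a = rand(), b = rand();   /* initializers are evaluated in order */
    snprintf(out, n, "%s/%d%d", dir, a, b);
}

/* Create the file with O_CREAT|O_EXCL and move to the next candidate on
 * EEXIST. Returns the fd (or -1); *attempts counts the names tried. */
int open_temp_excl(const char *dir, char *out, size_t n, int *attempts) {
    for (*attempts = 1; *attempts <= 100; ++*attempts) {
        next_name(dir, out, n);
        int fd = open(out, O_RDWR | O_CREAT | O_EXCL, 0600);
        if (fd >= 0) return fd;
        if (errno != EEXIST) return -1; /* real error: stop */
    }
    return -1;
}

/* Constructed scenario: a file already exists at the first predictable
 * name. Returns how many names open_temp_excl tried, or -1 on failure. */
int demo_collision(const char *dir) {
    char first[512], got[512];
    int attempts = 0;
    srand(1);                 /* same state as never calling srand() */
    next_name(dir, first, sizeof first);
    int planted = open(first, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (planted < 0) return -1;
    close(planted);
    srand(1);                 /* a later run: the sequence repeats */
    int fd = open_temp_excl(dir, got, sizeof got, &attempts);
    int fresh = fd >= 0 && strcmp(first, got) != 0;
    if (fd >= 0) { close(fd); unlink(got); }
    unlink(first);
    return fresh ? attempts : -1;
}

int main(void) {
    const char *dir = "/tmp/t10940-demo";   /* constructed path */
    if (mkdir(dir, 0700) != 0) return 1;
    printf("names tried: %d\n", demo_collision(dir));
    return rmdir(dir) != 0;
}
```

A result of 2 means the first name repeated exactly and was refused; without `O_EXCL` the same `open` would have returned the pre-existing file.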