Veracode static analysis results
elb at pidgin.im
Sun Dec 30 14:41:07 EST 2012
Mark Doliner spake unto us the following wisdom:
> On Sat, Dec 29, 2012 at 5:35 PM, Ethan Blanton <elb at pidgin.im> wrote:
> > Neither rand() nor g_rand_int() uses /dev/random
> I didn't realize that. How does the attached patch (against trunk)
> look? I suppose I should wrap it in #ifdef DEV_RANDOM_EXISTS or some
> such. Anyone think this should go into 2.x.y? The code in question
> is called from two places:
Looks perfectly reasonable to me.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 482 bytes
Desc: Digital signature
More information about the security