Casting time(2) return value to int and multiplying the result with
such a constant will definitely lead to a signed overflow by this day.
Since signed overflows are undefined behaviour in C, avoid this.
Casting to unsigned is more than enough since the upper bits of a
64 bit time_t value will be removed with the int conversion anyway.
The json-c library is used in cryptsetup for LUKS2 header information.
Since cryptsetup can be called very early during boot, the developers
avoid getrandom() calls in their own code base for now. [1]
Introducing a blocking getrandom() call in json-c therefore introduces
this issue for cryptsetup as well. Even though cryptsetup issues do not
have to be json-c issues, here is my proposal:
Let's use a non-blocking call, falling back to other sources if the call
would block. Since getrandom() accesses urandom, it must mean that we
are in an early boot phase -- otherwise the call would not block
according to its manual page.
As stated in manual page of random(4), accessing /dev/urandom won't
block but return weak random numbers, therefore this fallback would work
for json-c.
While at it, fixed the debug message.
[1] https://gitlab.com/cryptsetup/cryptsetup/-/merge_requests/47
which references to https://lwn.net/Articles/800509/
Lower overhead than opening & reading from /dev/urandom, and works
in chroots and other situtations where /dev/urandom is not available.
Falls back to existing methods when kernel doesn't support the syscall.
Some CPUs advertise RDRAND in CPUID, but return 0xFFFFFFFF
unconditionally. To avoid locking up later, test RDRAND during
initialization, and if it returns 0xFFFFFFFF, mark it as nonexistent.
Fixes#588.
2.replace json_object_get/put API with json_object_retain/release, as they operate the reference counter, and confused with array_list_get/put_idx.
3.replace array_list_get/put_idx API with array_list_get/insert to make them more clear to use.
If we want to override `strerror()` in libjson-c
to make tests consistent across platforms, we
need to do it build-wide as configure/build
option.
Apple linkers make it really hard to override functions
at link-time, and this seems to be locked down on travis-ci.org
[ for security reasons I assume ].
While I got it to work locally, it did not work
when running on travis.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Robert Bielik
Philosoph228
Eric Haszlakiewicz
Pierce Lopez
Tobias Stoeckmann
Alan Coopersmith
Gianluigi Tiesi
Tudor Brindus
Rubasri Kalidas
Haffon
Alexandru Ardelean
James Myatt
Michael Vetter
Andrew Stubbs
Alexandru Costache
Michael Clark