Date: Thu, 11 Apr 2019 05:09:31 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 230792] sort -R, --random-source issues Message-ID: <bug-230792-227-JzK36sAjTt@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-230792-227@https.bugs.freebsd.org/bugzilla/> References: <bug-230792-227@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D230792 --- Comment #4 from commit-hook@freebsd.org --- A commit references this bug: Author: cem Date: Thu Apr 11 05:08:50 UTC 2019 New revision: 346116 URL: https://svnweb.freebsd.org/changeset/base/346116 Log: sort(1): Simplify and bound random seeding Bound input file processing length to avoid the issue reported in [1]. F= or simplicity, only allow regular file and character device inputs. For character devices, only allow /dev/random (and /dev/urandom symblink). 32 bytes of random is perfectly sufficient to seed MD5; we don't need any more. Users that want to use large files as seeds are encouraged to trun= cate those files down to an appropriate input file via tools like sha256(1). (This does not change the sort algorithm of sort -R.) [1]: https://lists.freebsd.org/pipermail/freebsd-hackers/2018-August/053152.html PR: 230792 Reported by: Ali Abdallah <aliovx AT gmail.com> Relnotes: yes Changes: head/usr.bin/sort/sort.c --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-230792-227-JzK36sAjTt>