Improve robustness in random seed file handling.

git-svn-id: svn://svn.tartarus.org/sgt/putty@2200 cda61777-01e9-0310-a592-d414129be87e

diff --git a/noise.c b/noise.c
index 141f111..a9dfa89 100644 (file)
--- a/noise.c
+++ b/noise.c
@@ -40,6 +40,8 @@ void noise_get_heavy(void (*func) (void *, int))
     }
 
     read_random_seed(func);
+    /* Update the seed immediately, in case another instance uses it. */
+    random_save_seed();
 
     gsps = NULL;
     mod = GetModuleHandle("KERNEL32");
@@ -56,6 +58,7 @@ void random_save_seed(void)
     if (random_active) {
        random_get_savedata(&data, &len);
        write_random_seed(data, len);
+       sfree(data);
     }
 }
 

diff --git a/sshrand.c b/sshrand.c
index 7c401af..95c7b49 100644 (file)
--- a/sshrand.c
+++ b/sshrand.c
@@ -201,7 +201,10 @@ int random_byte(void)
 
 void random_get_savedata(void **data, int *len)
 {
+    void *buf = smalloc(POOLSIZE / 2);
     random_stir();
-    *data = pool.pool + pool.poolpos;
+    memcpy(buf, pool.pool + pool.poolpos, POOLSIZE / 2);
     *len = POOLSIZE / 2;
+    *data = buf;
+    random_stir();
 }

diff --git a/unix/uxnoise.c b/unix/uxnoise.c
index 873a331..b563f7c 100644 (file)
--- a/unix/uxnoise.c
+++ b/unix/uxnoise.c
@@ -62,6 +62,7 @@ void noise_get_heavy(void (*func) (void *, int))
     pclose(fp);
 
     read_random_seed(func);
+    random_save_seed();
 }
 
 void random_save_seed(void)
@@ -72,6 +73,7 @@ void random_save_seed(void)
     if (random_active) {
        random_get_savedata(&data, &len);
        write_random_seed(data, len);
+       sfree(data);
     }
 }
 

diff --git a/unix/uxstore.c b/unix/uxstore.c
index d787ba4..670c67b 100644 (file)
--- a/unix/uxstore.c
+++ b/unix/uxstore.c
@@ -318,13 +318,18 @@ void write_random_seed(void *data, int len)
     char fname[FILENAME_MAX];
 
     make_filename(fname, INDEX_RANDSEED);
-    fd = open(fname, O_CREAT | O_TRUNC | O_WRONLY, 0600);
+    /*
+     * Don't truncate the random seed file if it already exists; if
+     * something goes wrong half way through writing it, it would
+     * be better to leave the old data there than to leave it empty.
+     */
+    fd = open(fname, O_CREAT | O_WRONLY, 0600);
     if (fd < 0) {
        char dir[FILENAME_MAX];
 
        make_filename(dir, INDEX_DIR);
        mkdir(dir, 0700);
-       fd = open(fname, O_CREAT | O_TRUNC | O_WRONLY, 0600);
+       fd = open(fname, O_CREAT | O_WRONLY, 0600);
     }
 
     while (len > 0) {