Improve random number generator seeding with extra juice from /dev/urandom

1 files changed, 12 insertions, 2 deletions

diff --git a/execute.c b/execute.c
index f5d4270..95e9ccc 100644
--- a/execute.c
+++ b/execute.c
@@ -1315,6 +1315,7 @@ static void suhosin_gen_entropy(php_uint32 *seedbuf TSRMLS_DC)
     unsigned long stack_value = (unsigned long)&code_value;
     unsigned long heap_value  = (unsigned long)SUHOSIN_G(r_state);
     suhosin_SHA256_CTX   context;
+    int fd;
     
     code_value ^= code_value >> 32;
     stack_value ^= stack_value >> 32;
@@ -1330,9 +1331,18 @@ static void suhosin_gen_entropy(php_uint32 *seedbuf TSRMLS_DC)
     seedbuf[4] = getpid();
 #endif
     seedbuf[5] = (php_uint32) 0x7fffffff * php_combined_lcg(TSRMLS_C);
-    
+
+#ifndef PHP_WIN32
+    fd = VCWD_OPEN("/dev/urandom", O_RDONLY);
+    if (fd >= 0) {
+        /* ignore error case - if urandom doesn't give us any/enough random bytes */
+        read(fd, &seedbuf[6], 2 * sizeof(php_uint32));
+        close(fd);
+    }
+#endif
+
     suhosin_SHA256Init(&context);
-        suhosin_SHA256Update(&context, (void *) seedbuf, sizeof(php_uint32) * 6);
+        suhosin_SHA256Update(&context, (void *) seedbuf, sizeof(php_uint32) * 8);
         suhosin_SHA256Final(seedbuf, &context);
 }
 /* }}} */