On 12/31/22 16:13, Alejandro Colomar wrote: > Hi Theo, > > On 12/31/22 15:56, Alejandro Colomar wrote: >>> >>> I do not like your proposal at all.  A function like arc4random_range() >>> is even more likely to be used wrong by passing backwards points >>> and you seem to have a lot of hubris to add a range check to it. > > I didn't understand the entire sentence, since I'm not a native English speaker. >  Sorry for that.  About adding a range check, I'm not against it.  But what to > do in that case?  abort()?  I don't see anything significantly better?  In the s/better?/better./ > Linux kernel, the used something BUILD_BUG, but I don't know those macros very s/the used/they used/ Sorry for the typos. > much. > > I'm really open to discussion about what would the the best behavior when max < > min. > > Cheers, > > Alex > >> >> Oh, I just checked hubris in the dictionary and it seems you did mention ego. >> I'll try to rebate you with something useful. >> >> If you run `grep -rn 'arc4random_uniform('` in the OpenBSD tree, there will be >> many cases where you'd really benefit from this.  I'll just pick a few: >> >> >> sys/net/pf_lb.c:224: >>              cut = arc4random_uniform(1 + high - low) + low; >> better as: >>              cut = arc4random_range(low, high); >> >> >> sys/kern/kern_fork.c:648: >>          pid = 2 + arc4random_uniform(PID_MAX - 1); >> better as: >>          pid = arc4random_range(2, PID_MAX); >> >> >> usr.bin/nc/netcat.c:1501: >>                  cp = arc4random_uniform(x + 1); >> better as: >>                  cp = arc4random_range(0, x); >> >> --