From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mout-p-201.mailbox.org (mout-p-201.mailbox.org [80.241.56.171]) by sourceware.org (Postfix) with ESMTPS id 6978E3858D32 for ; Sun, 1 Jan 2023 22:00:30 +0000 (GMT) Received: from smtp2.mailbox.org (smtp2.mailbox.org [IPv6:2001:67c:2050:b231:465::2]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-384) server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mout-p-201.mailbox.org (Postfix) with ESMTPS id 4NlXx62Tg9z9sT2; Sun, 1 Jan 2023 23:00:26 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=aarsen.me; s=MBO0001; t=1672610426; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=zL8WOBvMzqu2pLn+GOk6MkVgUZav3plaAAfBRoSQngY=; b=ZJz8AJrBI3Ytsa0Mhm19yqSAJQdqTYaTL0xrOuZBV8zmtK8m7P6nl5YtDyoWXEZSwDCHHB 6IYAdop7as3WnvrCWYeVf44bGEhVUpOWoaJVMD78qVJkUbENDHGOBoyohZxJDbKJgu+OWo BHCl7CYAz1HOloSbmAEdQ50mrjOicNUqO4OxGOqWNGFLEManrqpYtSPiWarpZdPCx0xRpC dHzW1pbLFm1OJnq30TfBtHQ6srrTY4ut2zj1DL1FsquMqkf4i4sJfdEqDBLqx9l7nZSHXD JcqqXuvSMdwXcspxuLqh4YSoF4CG74yw9N+Yl8JgBF4yA/cm9rEh9gz6aNrG8Q== References: <20221231023653.41877-1-alx@kernel.org> From: Arsen =?utf-8?Q?Arsenovi=C4=87?= To: Alejandro Colomar Cc: Alejandro Colomar , Theo de Raadt , "Todd C . Miller" , "Jason A. Donenfeld" , Cristian =?utf-8?Q?Rodr=C3=ADguez?= , Adhemerval Zanella , Yann Droneaud , Joseph Myers , libc-alpha@sourceware.org Subject: Re: [PATCH] Give a useful meaning to arc4random_uniform(0); Date: Sun, 01 Jan 2023 22:37:46 +0100 In-reply-to: <20221231023653.41877-1-alx@kernel.org> Message-ID: <877cy529vu.fsf@aarsen.me> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" X-Rspamd-Queue-Id: 4NlXx62Tg9z9sT2 X-Spam-Status: No, score=-5.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,KAM_INFOUSMEBIZ,RCVD_IN_DNSWL_LOW,SPF_HELO_NONE,SPF_PASS,TXREP autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org List-Id: --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Hi, Alejandro Colomar via Libc-alpha writes: > Special-casing it in the implementation to return 0 was useless. > Instead, considering 0 as the value after UINT32_MAX has the property > that it allows implementing the following function without any > special cases: > > uint32_t > arc4random_range(uint32_t min, uint32_t max) > { > return arc4random_uniform(max - min + 1) + min; > } > > This works for any values of min and max (as long as min <=3D max, of > course), even for (0, UINT32_MAX). > > Oh, and the implementation of arc4random_uniform(3) is now 2 lines > simpler. :) While I think this is better than the original meaning, the range [n, n) cannot produce a (N_0) value. For this reason, I believe the best behavior for this would be to abort. Zero is wrong because it's not in [0, 0), which goes also for all values of [0, 2**32), but not for [0, -1] in the unsigned number space (which is why I'm giving it more credit than just returning zero), though specifying that doesn't sit easy with me, since [x, n) and [x, n-1] aren't necessarily equivalent. Furthermore, should the need to rely on "return zero for empty range" behavior arise, an Autoconf test for arc4random_uniform (0) behavior would be simpler if the test program aborted, as arc4random_uniform (n) =3D=3D 0 is quite valid, and easily could happen at configure time. Should one needs to produce a uniformly distributed value over the full range of [0, 2**32), they should invoke arc4random (). Moving the special case into a wrapper function is similarly trivial to achieve either of the discussed behaviors. Of course, changing existing APIs is never easy... At least aborts are easy to spot. Have a great night. =2D-=20 Arsen Arsenovi=C4=87 --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iIYEARYKAC4WIQT+4rPRE/wAoxYtYGFSwpQwHqLEkwUCY7ICdRAcYXJzZW5AYWFy c2VuLm1lAAoJEFLClDAeosSTXpIA/2FAy/qqGxD7leDoGzb9vrJuKz//PK1F8u07 erSzwcZ6AP48ugw4vjpYoVhDEnTJaqI9zFQ/pPYXTQNOB+ysE3PiDQ== =eQvK -----END PGP SIGNATURE----- --=-=-=--