Hi Theo,

On 12/31/22 15:56, Alejandro Colomar wrote:
>>
>> I do not like your proposal at all.  A function like arc4random_range()
>> is even more likely to be used wrong by passing backwards points
>> and you seem to have a lot of hubris to add a range check to it.

I didn't understand the entire sentence, since I'm not a native English speaker. 
  Sorry for that.  About adding a range check, I'm not against it.  But what to 
do in that case?  abort()?  I don't see anything significantly better?  In the 
Linux kernel, the used something BUILD_BUG, but I don't know those macros very much.

I'm really open to discussion about what would the the best behavior when max < min.

Cheers,

Alex

> 
> Oh, I just checked hubris in the dictionary and it seems you did mention ego. 
> I'll try to rebate you with something useful.
> 
> If you run `grep -rn 'arc4random_uniform('` in the OpenBSD tree, there will be 
> many cases where you'd really benefit from this.  I'll just pick a few:
> 
> 
> sys/net/pf_lb.c:224:
>              cut = arc4random_uniform(1 + high - low) + low;
> better as:
>              cut = arc4random_range(low, high);
> 
> 
> sys/kern/kern_fork.c:648:
>          pid = 2 + arc4random_uniform(PID_MAX - 1);
> better as:
>          pid = arc4random_range(2, PID_MAX);
> 
> 
> usr.bin/nc/netcat.c:1501:
>                  cp = arc4random_uniform(x + 1);
> better as:
>                  cp = arc4random_range(0, x);
> 
> 
-- 
<http://www.alejandro-colomar.es/>