From: Elan Ruusamäe Date: Fri, 6 Jul 2012 15:26:26 +0000 (+0000) Subject: - remove srand initialization based on current time!!! X-Git-Tag: auto/ac/php-pecl-solr-1_0_2-2 X-Git-Url: http://git.pld-linux.org/?p=packages%2Fphp-pecl-solr.git;a=commitdiff_plain;h=d0d889262a5f1fa9980fd584b0bf5c1ffd31c711 - remove srand initialization based on current time!!! Changed files: do-not-screw-with-random-seed.patch -> 1.1 php-pecl-solr.spec -> 1.5 --- diff --git a/do-not-screw-with-random-seed.patch b/do-not-screw-with-random-seed.patch new file mode 100644 index 0000000..6e6d6ba --- /dev/null +++ b/do-not-screw-with-random-seed.patch @@ -0,0 +1,32 @@ +DO NOT SCREW WITH RANDOM SEED + +Do not initialize the seed with srand or mt_srand, it is already initialized +since PHP 4.2.0 (See the docs). And if you initialize it with time or microtime +you make it only more worse (predictable). + +And initializing random seed with predictable value is extremely stupid. + +I had situation that three machines simulatenously produced temporary directory +names based on random generator, and they all got same results, this is utterly +screwed up up the application! + +Jul 6 10:37:26 segusilm php.fcgi: PHP Fatal error: Uncaught exception 'Exception' with message 'Can't mkdir '/tmp/foo_UZNHCMUDWZ/archive': mkdir(): File exists' in /usr/share/foo/lib/plugins/Plugin.php:127 +Jul 6 10:37:26 lordi php.fcgi: PHP Warning: unlink(/tmp/foo_UZNHCMUDWZ/archive/title.inc): No such file or directory in /usr/share/foo/lib/helper/OutputHelper.php on line 68 + +it is strongly recommended for PHP application developers to keep their fingers +away from srand() or mt_srand() and to never ever use rand() or mt_rand() for +cryptographic secrets: +http://www.suspekt.org/2008/08/17/mt_srand-and-not-so-random-numbers/ + +--- php-pecl-solr-1.0.2/php_solr.c~ 2011-11-29 04:50:07.000000000 +0200 ++++ php-pecl-solr-1.0.2/php_solr.c 2012-07-06 18:15:25.730180032 +0300 +@@ -1082,9 +1082,6 @@ + /* Always NULL. Kept for API backward compatibility purposes only */ + hash_func_t pHashFunction = NULL; + +- /* initialize random seed */ +- srand(time(NULL)); +- + ALLOC_HASHTABLE(SOLR_GLOBAL(documents)); + ALLOC_HASHTABLE(SOLR_GLOBAL(clients)); + ALLOC_HASHTABLE(SOLR_GLOBAL(params)); diff --git a/php-pecl-solr.spec b/php-pecl-solr.spec index eb4ca42..066e377 100644 --- a/php-pecl-solr.spec +++ b/php-pecl-solr.spec @@ -7,12 +7,13 @@ Summary: Object oriented API to Apache Solr Summary(fr.UTF-8): API orientée objet pour Apache Solr Name: php-pecl-solr Version: 1.0.2 -Release: 1 +Release: 2 License: PHP Group: Development/Languages URL: http://pecl.php.net/package/solr Source0: http://pecl.php.net/get/%{modname}-%{version}.tgz # Source0-md5: 1632144b462ab22b91d03e4d59704fab +Patch0: do-not-screw-with-random-seed.patch BuildRequires: curl-devel BuildRequires: libxml2-devel >= 1:2.6.16 %{?with_tests:BuildRequires: php-curl} @@ -70,6 +71,8 @@ mv %{modname}-%{version}/* . # avoid 1970 dates in doc find -newer TODO -o -print | xargs touch --reference %{SOURCE0} +%patch0 -p1 + %build packagexml2cl package.xml > ChangeLog