Skip to content

Instantly share code, notes, and snippets.

@AGWA AGWA/fork_rand.c
Last active Oct 11, 2018

Embed
What would you like to do?
Demonstrates that LibreSSL's PRNG is not fork-safe on Linux. See https://www.agwa.name/blog/post/libressls_prng_is_unsafe_on_linux
/*
* Demonstrates that LibreSSL's PRNG is not fork-safe on Linux.
* See https://www.agwa.name/blog/post/libressls_prng_is_unsafe_on_linux
* This code is in the public domain.
*/
#include <openssl/rand.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/wait.h>
static void random_bytes (unsigned char* p, size_t len)
{
if (RAND_bytes(p, len) != 1) {
fprintf(stderr, "RAND_bytes failed\n");
abort();
}
}
static void random_stir (void)
{
if (RAND_poll() != 1) {
fprintf(stderr, "RAND_poll failed\n");
abort();
}
}
static void print_buffer (unsigned char* p, size_t len)
{
while (len--) {
printf("%02x", (unsigned int)*p++);
}
}
int main ()
{
char c = 0;
int pipefd[2];
pipe(pipefd);
if (fork() == 0) {
unsigned char buffer[32];
pid_t grandparent_pid = getpid();
random_bytes(buffer, sizeof(buffer));
if (fork() == 0) {
random_stir();
setsid();
while (1) {
pid_t grandchild_pid = fork();
if (grandchild_pid == 0) {
random_stir();
if (getpid() == grandparent_pid) {
random_bytes(buffer, sizeof(buffer));
printf("Grandchild (PID = %d) random bytes = ", (int)getpid());
print_buffer(buffer, sizeof(buffer));
printf("\n");
}
_exit(0);
}
wait(NULL);
if (grandchild_pid == grandparent_pid) {
break;
}
}
write(pipefd[1], &c, 1);
_exit(0);
}
random_bytes(buffer, sizeof(buffer));
printf("Grandparent (PID = %d) random bytes = ", (int)getpid());
print_buffer(buffer, sizeof(buffer));
printf("\n");
_exit(0);
}
wait(NULL);
close(pipefd[1]);
read(pipefd[0], &c, 1);
return 0;
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.