Fork#39658: mingwrt 5.2.2 does not expose function rand_s?
Open Date: 2019-10-06 13:50
Last Update: 2019-10-09 19:18
URL for this Ticket:
https://osdn.net//projects/mingw/ticket/39658
RSS feed for this Ticket:
https://osdn.net/ticket/ticket_rss.php?group_id=3917&tid=39658
---------------------------------------------------------------------
Last Changes/Comment on this Ticket:
2019-10-09 19:18 Updated by: keith
Comment:
Reply To sping
I wonder: Will I have a chance to distinguish versions of mingwrt declaring
rand_s from those that don't on pre-processor level from within Expat code?
I don't find anything like that at https://sourceforge.net/p/predef/wiki/
Compilers/ . Are there mingwrt specific version defines that I can check
for?
You can test the value of __MINGW32_VERSION, (a long integer value), which is
defined in <_mingw.h>, (and thus always defined after any system header has
been included). Its relationship to the mingwrt version is explained in
<_mingw.h.in>; you will need to test for
1. #if __MINGW32_VERSION >= 5003000L
PS: Do you have links / sources about why rand_s and RtlGenRandom are not
more secure than rand despite not being devoid of entropy, as you mention
in the patch comment and above?
In what way do you think rand() is insecure? In what respect would rand_s() be
considered more secure? (Security implies user authentication — an operation
which neither of these functions performs).
---------------------------------------------------------------------
Ticket Status:
Reporter: sping
Owner: (None)
Type: Issues
Status: Open
Priority: 5 - Medium
MileStone: (None)
Component: WSL
Severity: 5 - Medium
Resolution: None
---------------------------------------------------------------------
Ticket details:
Hi!
Windows introduced function rand_s some time and while I find mention of it in
MinGW's msvcrt-xref.pdf I cannot find a signature for it in mingwrt 5.2.2
headers. Are there plans to add a prototype to MinGW? We're about to define a
prototype in https://github.com/libexpat/libexpat/pull/356/files for MinGW in
Expat ourselves now but it seems like the real fix would be to have it in MinGW
for everyone — what do you think?
On a side note, msvcrt-xref.pdf says that rand_s is not contained in Windows XP
but contained in Windows Vista an after. The way I read the MS docs they imply
availability in Windows XP but it might be wishful thinking — if you know for
sure, I'd be interested in more details.
Thanks and best, Sebastian
--
Ticket information of MinGW - Minimalist GNU for Windows project
MinGW - Minimalist GNU for Windows Project is hosted on OSDN
Project URL: https://osdn.net/projects/mingw/
OSDN: https://osdn.net
URL for this Ticket:
https://osdn.net/projects/mingw/ticket/39658
RSS feed for this Ticket:
https://osdn.net/ticket/ticket_rss.php?group_id=3917&tid=39658