Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: rng state reusage #292

Merged
merged 1 commit into from
Nov 9, 2024
Merged

fix: rng state reusage #292

merged 1 commit into from
Nov 9, 2024

Conversation

boxdot
Copy link
Collaborator

@boxdot boxdot commented Nov 9, 2024
edited
Loading

StdRng was cloned, which created a new rng with the same state. This
means that the same random numbers were generated:

use rand::{Rng, SeedableRng};
use rand::rngs::StdRng;

let mut rng1 = StdRng::from_entropy();
let mut rng2 = rng1.clone();

assert_eq!(rng1.gen::<u32>(), rng2.gen::<u32>());

This commit replaces the StdRng with ThreadRng in all places where it
was used. It also does not store the rng in manager anymore.

The credits for finding this bug go to @hrdl-github
[email protected].

@boxdot
fix: rng state reusage
11e5f9c 
StdRng was cloned, which created a new rng with the same state. This
means that the same random numbers were generated:

```
use rand::{Rng, SeedableRng};
use rand::rngs::StdRng;

let mut rng1 = StdRng::from_entropy();
let mut rng2 = rng1.clone();

assert_eq!(rng1.gen::<u32>(), rng2.gen::<u32>());
```

This commit replaces the `StdRng` with `ThreadRng` in all place where it
was used. It also does not store the rng in manager anymore.

The credits for finding this bugs go to hrdl
<[email protected]>.
@gferon
Copy link
Collaborator

gferon commented Nov 9, 2024

Thanks! Linking whisperfish/libsignal-service-rs#342 here since this is also related (if somebody wants to look into it later).

@gferon gferon merged commit af5273a into whisperfish:main Nov 9, 2024
3 checks passed
@gferon
Copy link
Collaborator

gferon commented Nov 10, 2024

Adding a mention of 9f717c7 where the mistake was first introduced.

@boxdot boxdot mentioned this pull request Nov 11, 2024
Merged
boxdot pushed a commit to boxdot/gurk-rs that referenced this pull request Nov 12, 2024
@gferon
fix: random state reusage (#326)
2a1f5af 
This includes the fix whisperfish/presage#292 in particular fixing the long-standing issue #234.

Also adjust usage of presage::Store API which is now asynchronous. One possibly negative side-effect is that the UI looks up in the contact names cache in read-only fashion, and only the async part of gurk can populate the cache using the store.

Also fix clippy warnings.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gferon gferon gferon approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@boxdot @gferon