Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / cpython2 / ddb39e799d65748c5ea42c344170befc90af9e64^! / .
commitddb39e799d65748c5ea42c344170befc90af9e64[log] [tgz]
authorRaymond Hettinger <python@rcn.com>Tue May 13 22:09:23 2014 -0700
committerRaymond Hettinger <python@rcn.com>Tue May 13 22:09:23 2014 -0700
tree7d9b53921e001a17db74e7ed8ba30d7c87e8cd49
parenta5413c499702a74fdc50e4bc8e7e6a480856a1f9 [diff]
Issue #21470: Do a better job seeding the random number generator
to fully cover its state space.

diff --git a/Lib/random.py b/Lib/random.py
index 2f2f091..e89fae6 100644
--- a/Lib/random.py
+++ b/Lib/random.py

@@ -108,7 +108,9 @@
 
         if a is None:
             try:
-                a = long(_hexlify(_urandom(32)), 16)
+                # Seed with enough bytes to span the 19937 bit
+                # state space for the Mersenne Twister
+                a = long(_hexlify(_urandom(2500)), 16)
             except NotImplementedError:
                 import time
                 a = long(time.time() * 256) # use fractional seconds

diff --git a/Misc/NEWS b/Misc/NEWS
index 2bda726..e028419 100644
--- a/Misc/NEWS
+++ b/Misc/NEWS

@@ -52,6 +52,9 @@
 - Issue #21306: Backport hmac.compare_digest from Python 3. This is part of PEP
   466.
 
+- Issue #21470: Do a better job seeding the random number generator by
+  using enough bytes to span the full state space of the Mersenne Twister.
+
 - Issue #21469:  Reduced the risk of false positives in robotparser by
   checking to make sure that robots.txt has been read or does not exist
   prior to returning True in can_fetch().