#2122 Provide errno_t and rand_s () (secure random number generation) from VC++2005

WSL
assigned
Earnie Boyd
Feature
none
Known_Feature
True
2013-12-07
2013-10-30
Tarnyko
No

rand_s () is a function available starting from Windows XP, which provides "secure" random number generation, without the need of a seed:
http://msdn.microsoft.com/en-us/library/sxtz2fa8%28VS.80%29.aspx

errno_t is the return type, and a simple typedef to int:
http://msdn.microsoft.com/en-us/library/ms235429%28v=vs.90%29.aspx

For the record, it's now required to compile libraries such as GLib (see https://bugzilla.gnome.org/show_bug.cgi?id=711043).

Please consider the attached patch, which adds their definitions to the headers and exports the function symbol.

1 Attachments

Discussion

  • Keith Marshall
    2013-12-07

    • status: unread --> assigned
    • assigned_to: Earnie Boyd
     
  • Keith Marshall
    2013-12-07

    I don't see any major obstacle to supporting this, but I do have some issues with your patch, and with your assertion that this API is supported from WinXP onwards:

    1. I don't see a ChangeLog entry, to support your patch.

    2. If I run

      ~~~~
      $ pexports msvcrt.dll | grep rand
      ~~~~

      (in the appropriate system directory), on my WinXP VMs, (both day 0, and with SP2 applied), I see rand and srand, but no rand_s; a GetProcAddress() probe on MSVCRT.DLL confirms its absence, so I must conclude that it is not reliably supported by the standard system DLL, on WinXP. (I do see it on Win7).

    3. ISO C11 Annex K suggests that errno_t should be defined in errno.h; MSDN gives us no clue where Microsoft might have defined it, prior to C11 adoption, but winnt.h just seems wrong, as does guarding it with _ERRCODE_DEFINED.

    4. MinGW currently complies with the POSIX requirement that errno is defined as an int. ISO C11 specifies errno_t to be a more descriptive typedef for errno itself, but that recommendation has yet to be adopted by MinGW; until it is, it seems more reasonable to me that we should consistently define the return type of rand_s, (if we are to implement it), as int, matching the type of errno.

    That said, the above is my opinion only, and I will not progress this without Earnie's agreement.
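
The GetProcAddress() probe on MSVCRT.DLL mentioned in point 2 can also be done by a program at run time, so that it still loads where the export is missing and refuses to produce "random" values there. This is an added example, not part of the ticket or of the attached patch; `resolve_rand_s`, `secure_random_with` and `stub_rand_s` are hypothetical names, and the return type is written as int as point 4 suggests.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#ifdef _WIN32
#include <windows.h>
#endif

/* rand_s as documented on MSDN, with errno_t spelled as plain int. */
typedef int (*rand_s_fn)(unsigned int *);

/* Look rand_s up in MSVCRT.DLL at run time instead of linking against it,
   so the program still starts on systems whose DLL lacks the export. */
static rand_s_fn resolve_rand_s(void)
{
#ifdef _WIN32
    HMODULE crt = LoadLibraryA("msvcrt.dll"); /* kept loaded on purpose */
    if (crt != NULL)
        return (rand_s_fn)GetProcAddress(crt, "rand_s");
#endif
    return NULL; /* not Windows, or the DLL could not be loaded */
}

/* Hypothetical wrapper: 0 on success, EINVAL for a null pointer, ENOSYS
   when no rand_s is available. It fails closed: there is deliberately no
   fallback to rand(), which is not suitable for security purposes. */
int secure_random_with(rand_s_fn fn, unsigned int *out)
{
    if (out == NULL)
        return EINVAL;
    if (fn == NULL)
        return ENOSYS;
    return fn(out);
}

/* Constructed stand-in for a present export, to exercise the success path. */
int stub_rand_s(unsigned int *v) { *v = 0xC0FFEEu; return 0; }

int main(void)
{
    unsigned int v = 0;
    int rc = secure_random_with(resolve_rand_s(), &v);
    if (rc == 0)
        printf("rand_s returned %u\n", v);
    else
        printf("rand_s unavailable (error %d); not generating a value\n", rc);
    return rc != 0;
}
```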