From 8313aa5ef51cfe14127bcf38a01b71a00b2abaf2 Mon Sep 17 00:00:00 2001 From: pdontthink Date: Thu, 20 Nov 2008 22:32:32 +0000 Subject: [PATCH] The random number seed generator was creating float values that, when fed to mt_srand(), which expects an integer, were seen as zero on some systems because it was such a large number. This fix takes a sub-string of the seed's MD5 before converting it to an integer in order to fix that problem. git-svn-id: https://svn.code.sf.net/p/squirrelmail/code/trunk/squirrelmail@13322 7612ce4b-ef26-0410-bec9-ea0150e637f0 --- include/init.php | 17 ++++++++++++++--- 1 file changed, 14 insertions(+), 3 deletions(-) diff --git a/include/init.php b/include/init.php index a024f8f1..ba052c63 100644 --- a/include/init.php +++ b/include/init.php @@ -120,9 +120,20 @@ if(!empty($_SERVER['UNIQUE_ID'])) { $seed .= uniqid(mt_rand(),TRUE); $seed .= implode( '', stat( __FILE__) ); -/** PHP 4.2 and up don't require seeding, but their used seed algorithm - * is of questionable quality, so we keep doing it ourselves. */ -mt_srand(hexdec(md5($seed))); +// mt_srand() uses an integer to seed, so we need to distill our +// very large seed to something useful (without taking a sub-string, +// the integer conversion of such a large number is always 0 on +// many systems, but strangely, 9 hex numbers - even if larger +// than a signed 32 bit integer - seem to be an acceptable "integer" +// seed (perhaps it is used as unsigned?)... +// we may want to revisit this and always force it to be less than +// 2,147,483,647 +// +$seed = hexdec(substr(md5($seed), 0, 9)); + +// PHP 4.2 and up don't require seeding, but their used seed algorithm +// is of questionable quality, so we keep doing it ourselves. */ +mt_srand($seed); /** * calculate SM_PATH and calculate the base_uri -- 2.25.1