Call math.randomseed() without arguments to seed from system entropy.

Reminder: the math.random() PRNG is NOT SUITABLE FOR CRYPTOGRAPHIC USE.
author: Mike Pall <mike> 2024-07-04 01:26:29 +0200
committer: Mike Pall <mike> 2024-07-04 01:26:29 +0200
commit: 04dca7911ea255f37be799c18d74c305b921c1a6 (patch)
tree: 0979ae369fbb82e7e5fb1c53fcf5cf5955c95f7b
parent: 7421a1b33c7ea46f12bba9700c15b5c90253fee0 (diff)
download: luajit-04dca7911ea255f37be799c18d74c305b921c1a6.tar.gz
luajit-04dca7911ea255f37be799c18d74c305b921c1a6.tar.bz2
luajit-04dca7911ea255f37be799c18d74c305b921c1a6.zip
4 files changed, 13 insertions, 3 deletions
diff --git a/doc/extensions.html b/doc/extensions.html
index c1c9a808..e9aaa096 100644
--- a/doc/extensions.html
+++ b/doc/extensions.html
@@ -265,7 +265,7 @@ and let the GC do its work.
 LuaJIT uses a Tausworthe PRNG with period 2^223 to implement
 <tt>math.random()</tt> and <tt>math.randomseed()</tt>. The quality of
 the PRNG results is much superior compared to the standard Lua
-implementation, which uses the platform-specific ANSI rand().
+implementation, which uses the platform-specific ANSI <tt>rand()</tt>.
 </p>
 <p>
 The PRNG generates the same sequences from the same seeds on all
@@ -276,6 +276,10 @@ It's correctly scaled up and rounded for <tt>math.random(n&nbsp;[,m])</tt> to
 preserve uniformity.
 </p>
 <p>
+Call <tt>math.randomseed()</tt> without any arguments to seed it from
+system entropy.
+</p>
+<p>
 Important: Neither this nor any other PRNG based on the simplistic
 <tt>math.random()</tt> API is suitable for cryptographic use.
 </p>
diff --git a/src/Makefile.dep b/src/Makefile.dep
index fda77c83..e9f83399 100644
--- a/src/Makefile.dep
+++ b/src/Makefile.dep
@@ -32,7 +32,8 @@ lib_jit.o: lib_jit.c lua.h luaconf.h lauxlib.h lualib.h lj_obj.h lj_def.h \
 lj_target.h lj_target_*.h lj_trace.h lj_dispatch.h lj_traceerr.h \
 lj_vm.h lj_vmevent.h lj_lib.h luajit.h lj_libdef.h
 lib_math.o: lib_math.c lua.h luaconf.h lauxlib.h lualib.h lj_obj.h \
- lj_def.h lj_arch.h lj_lib.h lj_vm.h lj_prng.h lj_libdef.h
+ lj_def.h lj_arch.h lj_err.h lj_errmsg.h lj_lib.h lj_vm.h lj_prng.h \
+ lj_libdef.h
 lib_os.o: lib_os.c lua.h luaconf.h lauxlib.h lualib.h lj_obj.h lj_def.h \
 lj_arch.h lj_gc.h lj_err.h lj_errmsg.h lj_buf.h lj_str.h lj_lib.h \
 lj_libdef.h
diff --git a/src/lib_math.c b/src/lib_math.c
index 4539f804..08bb7673 100644
--- a/src/lib_math.c
+++ b/src/lib_math.c
@@ -13,6 +13,7 @@
 #include "lualib.h"
 #include "lj_obj.h"
+#include "lj_err.h"
 #include "lj_lib.h"
 #include "lj_vm.h"
 #include "lj_prng.h"
@@ -183,7 +184,10 @@ LJLIB_PUSH(top-2)  /* Upvalue holds userdata with PRNGState. */
 LJLIB_CF(math_randomseed)
 {
  PRNGState *rs = (PRNGState *)(uddata(udataV(lj_lib_upvalue(L, 1))));
-  random_seed(rs, lj_lib_checknum(L, 1));
+  if (L->base != L->top)
+    random_seed(rs, lj_lib_checknum(L, 1));
+  else if (!lj_prng_seed_secure(rs))
+    lj_err_caller(L, LJ_ERR_PRNGSD);
  return 0;
 }
diff --git a/src/lj_errmsg.h b/src/lj_errmsg.h
index 127c06da..109e909c 100644
--- a/src/lj_errmsg.h
+++ b/src/lj_errmsg.h
@@ -79,6 +79,7 @@ ERRDEF(SETFENV,	LUA_QL("setfenv") " cannot change environment of given object")
 ERRDEF(CORUN,   "cannot resume running coroutine")
 ERRDEF(CODEAD,  "cannot resume dead coroutine")
 ERRDEF(COSUSP,  "cannot resume non-suspended coroutine")
+ERRDEF(PRNGSD,  "PRNG seeding failed")
 ERRDEF(TABINS,  "wrong number of arguments to " LUA_QL("insert"))
 ERRDEF(TABCAT,  "invalid value (%s) at index %d in table for " LUA_QL("concat"))
 ERRDEF(TABSORT, "invalid order function for sorting")
author	Mike Pall <mike>	2024-07-04 01:26:29 +0200
committer	Mike Pall <mike>	2024-07-04 01:26:29 +0200
commit	04dca7911ea255f37be799c18d74c305b921c1a6 (patch)
tree	0979ae369fbb82e7e5fb1c53fcf5cf5955c95f7b
parent	7421a1b33c7ea46f12bba9700c15b5c90253fee0 (diff)
download	luajit-04dca7911ea255f37be799c18d74c305b921c1a6.tar.gz luajit-04dca7911ea255f37be799c18d74c305b921c1a6.tar.bz2 luajit-04dca7911ea255f37be799c18d74c305b921c1a6.zip