From 8d0019e0ef2b64cb2c762a1b3515a73c2f3c95ac Mon Sep 17 00:00:00 2001 From: deraadt <> Date: Fri, 12 Feb 2021 17:03:51 +0000 Subject: Some people still argue that rand(3) and random(3) have suitable deterministic use cases, so explain the situation a bit more. Since the 80's, I estimate around 5 algorithm changes, so any chosen seed is unrepeatable UB. +The deterministic sequence algorithm changed a number of times since +original development, is underspecified, and should not be relied upon to +remain consistent between platforms and over time. ok jmc kettenis --- src/lib/libc/stdlib/rand.3 | 7 +++++-- src/lib/libc/stdlib/random.3 | 7 +++++-- 2 files changed, 10 insertions(+), 4 deletions(-) (limited to 'src') diff --git a/src/lib/libc/stdlib/rand.3 b/src/lib/libc/stdlib/rand.3 index 2fd88ac8a4..76278c871a 100644 --- a/src/lib/libc/stdlib/rand.3 +++ b/src/lib/libc/stdlib/rand.3 @@ -29,9 +29,9 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $OpenBSD: rand.3,v 1.19 2014/12/09 21:55:39 jmc Exp $ +.\" $OpenBSD: rand.3,v 1.20 2021/02/12 17:03:51 deraadt Exp $ .\" -.Dd $Mdocdate: December 9 2014 $ +.Dd $Mdocdate: February 12 2021 $ .Dt RAND 3 .Os .Sh NAME @@ -78,6 +78,9 @@ can be substituted for then subsequent .Fn rand calls will return results using the deterministic algorithm. +The deterministic sequence algorithm changed a number of times since +original development, is underspecified, and should not be relied upon to +remain consistent between platforms and over time. .Pp The .Fn rand diff --git a/src/lib/libc/stdlib/random.3 b/src/lib/libc/stdlib/random.3 index 020c72805f..0770d20f09 100644 --- a/src/lib/libc/stdlib/random.3 +++ b/src/lib/libc/stdlib/random.3 @@ -25,9 +25,9 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" $OpenBSD: random.3,v 1.28 2014/12/09 21:55:39 jmc Exp $ +.\" $OpenBSD: random.3,v 1.29 2021/02/12 17:03:51 deraadt Exp $ .\" -.Dd $Mdocdate: December 9 2014 $ +.Dd $Mdocdate: February 12 2021 $ .Dt RANDOM 3 .Os .Sh NAME @@ -96,6 +96,9 @@ a default table of size 31 long integers to return successive pseudo-random numbers in the range from 0 to (2**31)\-1. The period of this random number generator is very large, approximately 16*((2**31)\-1), but the results are a deterministic sequence from the seed. +The deterministic sequence algorithm changed a number of times since +original development, is underspecified, and should not be relied upon to +remain consistent between platforms and over time. .Pp The .Fn initstate -- cgit v1.2.3-55-g6feb