random: whitelist arc4random_buf if glibc

crrodriguez · devnexen · commit 3be91186629f · 2022-07-15T12:33:05.000+01:00
Glibc will soon implement the BSD arc4random API. whitelist its implementation as safe. Closes #8984.
diff --git a/NEWS b/NEWS
@@ -32,6 +32,8 @@ PHP                                                                        NEWS
   . Fixed empty array returned by str_split on empty input. (Michael Vorisek)
   . Added ini_parse_quantity function to convert ini quantities shorthand
     notation to int. (Dennis Snell)
+  . Enable arc4random_buf for Linux glibc 2.36 and onwards
+    for the random_bytes. (Cristian Rodriguez)
 
 07 Jul 2022, PHP 8.2.0alpha3
 
diff --git a/ext/standard/random.c b/ext/standard/random.c
@@ -94,7 +94,7 @@ PHPAPI int php_random_bytes(void *bytes, size_t size, bool should_throw)
 		}
 		return FAILURE;
 	}
-#elif HAVE_DECL_ARC4RANDOM_BUF && ((defined(__OpenBSD__) && OpenBSD >= 201405) || (defined(__NetBSD__) && __NetBSD_Version__ >= 700000001) || defined(__APPLE__))
+#elif HAVE_DECL_ARC4RANDOM_BUF && ((defined(__OpenBSD__) && OpenBSD >= 201405) || (defined(__NetBSD__) && __NetBSD_Version__ >= 700000001) || defined(__APPLE__) || defined(__GLIBC__))
 	arc4random_buf(bytes, size);
 #else
 	size_t read_bytes = 0;

Original file line number	Diff line number	Diff line change
`@@ -94,7 +94,7 @@ PHPAPI int php_random_bytes(void *bytes, size_t size, bool should_throw)`
`94`	`94`	`}`
`95`	`95`	`return FAILURE;`
`96`	`96`	`}`
`97`		`-#elif HAVE_DECL_ARC4RANDOM_BUF && ((defined(__OpenBSD__) && OpenBSD >= 201405) \|\| (defined(__NetBSD__) && __NetBSD_Version__ >= 700000001) \|\| defined(__APPLE__))`
	`97`	`+#elif HAVE_DECL_ARC4RANDOM_BUF && ((defined(__OpenBSD__) && OpenBSD >= 201405) \|\| (defined(__NetBSD__) && __NetBSD_Version__ >= 700000001) \|\| defined(__APPLE__) \|\| defined(__GLIBC__))`
`98`	`98`	`arc4random_buf(bytes, size);`
`99`	`99`	`#else`
`100`	`100`	`size_t read_bytes = 0;`