From ba8920d51c60e1f2bbe50aa9c8504207cf86bf9b Mon Sep 17 00:00:00 2001
From: ache <ache@FreeBSD.org>
Date: Sun, 22 May 2016 06:18:59 +0000
Subject: 1) POSIX prohibits printing errors to stderr here and require
 returning NULL:

"Upon successful completion, initstate() and setstate() shall return a
pointer to the previous state array; otherwise, a null pointer shall
be returned.

Although some implementations of random() have written messages to
standard error, such implementations do not conform to POSIX.1-2008."

2) Move error detections earlier to prevent state modifying.

MFC after:      1 week
---
 lib/libc/stdlib/random.c | 25 ++++++++++---------------
 1 file changed, 10 insertions(+), 15 deletions(-)

(limited to 'lib')

diff --git a/lib/libc/stdlib/random.c b/lib/libc/stdlib/random.c
index 580f26e3..f7b745e 100644
--- a/lib/libc/stdlib/random.c
+++ b/lib/libc/stdlib/random.c
@@ -37,7 +37,6 @@ __FBSDID("$FreeBSD$");
 #include <sys/param.h>
 #include <sys/sysctl.h>
 #include <stdint.h>
-#include <stdio.h>
 #include <stdlib.h>
 #include "un-namespace.h"
 
@@ -341,15 +340,12 @@ initstate(unsigned long seed, char *arg_state, long n)
 	char *ostate = (char *)(&state[-1]);
 	uint32_t *int_arg_state = (uint32_t *)arg_state;
 
+	if (n < BREAK_0)
+		return (NULL);
 	if (rand_type == TYPE_0)
 		state[-1] = rand_type;
 	else
 		state[-1] = MAX_TYPES * (rptr - state) + rand_type;
-	if (n < BREAK_0) {
-		(void)fprintf(stderr,
-		    "random: not enough state (%ld bytes); ignored.\n", n);
-		return (0);
-	}
 	if (n < BREAK_1) {
 		rand_type = TYPE_0;
 		rand_deg = DEG_0;
@@ -408,24 +404,23 @@ setstate(char *arg_state)
 	uint32_t rear = new_state[0] / MAX_TYPES;
 	char *ostate = (char *)(&state[-1]);
 
-	if (rand_type == TYPE_0)
-		state[-1] = rand_type;
-	else
-		state[-1] = MAX_TYPES * (rptr - state) + rand_type;
 	switch(type) {
 	case TYPE_0:
 	case TYPE_1:
 	case TYPE_2:
 	case TYPE_3:
 	case TYPE_4:
-		rand_type = type;
-		rand_deg = degrees[type];
-		rand_sep = seps[type];
 		break;
 	default:
-		(void)fprintf(stderr,
-		    "random: state info corrupted; not changed.\n");
+		return (NULL);
 	}
+	if (rand_type == TYPE_0)
+		state[-1] = rand_type;
+	else
+		state[-1] = MAX_TYPES * (rptr - state) + rand_type;
+	rand_type = type;
+	rand_deg = degrees[type];
+	rand_sep = seps[type];
 	state = new_state + 1;
 	if (rand_type != TYPE_0) {
 		rptr = &state[rear];
-- 
cgit v1.1