#include <vlc_network.h>
#include <vlc_charset.h>
#include <vlc_strings.h>
+#include <vlc_rand.h>
#ifndef WIN32
# include <locale.h>
answer->p_body = NULL;
break;
}
- if( asprintf( &psz_new, "%d", rand() ) < 0 )
+#warning Should use secure randomness here! (spoofing risk)
+ if( asprintf( &psz_new, "%lu", vlc_mrand48() ) < 0 )
return VLC_ENOMEM;
psz_session = psz_new;
answer->p_body = NULL;
break;
}
- if( asprintf( &psz_new, "%d", rand() ) < 0 )
+#warning Session ID should be securely random (spoofing risk)
+ if( asprintf( &psz_new, "%lu", vlc_mrand48() ) < 0 )
return VLC_ENOMEM;
psz_session = psz_new;
if( psz_session == NULL )
{
/* Create a dummy session ID */
- snprintf( psz_sesbuf, sizeof( psz_sesbuf ), "%d",
- rand() );
+ snprintf( psz_sesbuf, sizeof( psz_sesbuf ), "%lu",
+ vlc_mrand48() );
psz_session = psz_sesbuf;
}
answer->i_status = 200;
#include <vlc_tls.h>
#include <vlc_acl.h>
#include <vlc_strings.h>
+#include <vlc_rand.h>
#include "../libvlc.h"
#include <string.h>
"application/octet-stream" );
httpd_MsgAdd( answer, "Server", "Cougar 4.1.0.3921" );
httpd_MsgAdd( answer, "Pragma", "no-cache" );
- httpd_MsgAdd( answer, "Pragma", "client-id=%d", rand()&0x7fff );
+ httpd_MsgAdd( answer, "Pragma", "client-id=%lu",
+ vlc_mrand48()&0x7fff );
httpd_MsgAdd( answer, "Pragma", "features=\"broadcast\"" );
/* Check if there is a xPlayStrm=1 */