
glib 2.41 uses rand_s which is not available on all platforms
Closed, Resolved (Public)

Description

This was originally reported on wald:
https://wald.intevation.org/tracker/index.php?func=detail&aid=6564&group_id=11&atid=126

The problem is that GPA fails to launch because of a symbol lookup error in glib.
The commit that caused this problem in glib is:
https://git.gnome.org/browse/glib/commit/glib/grand.c?id=0e1924a66c642d4aa4a30b97cff509903f972435

According to MSDN and the mingw bug enabling it
(https://sourceforge.net/p/mingw/bugs/2122/), this should be available on Windows
XP in the msvcrt.dll, but according to the reporter it is not.

Next step here would be to check if we can reproduce it on our clean Windows XP
test systems. It would be good to know if we can still claim Windows XP as a
supported platform or not.

Details

Version
2.2.2

Event Timeline

Fortunately g_rand_new is only used by the dbus support and by tests. Thus we
can easily revert to the old state.

FWIW: Changing the semantics of an existing function to suddenly claim
"cryptographically secure" is a questionable move. You can't rely on it and the
name of the function indicates that it is a wrapper around the usual rand
function. If a CSRNG is needed, an appropriate function needs to be added.

Got two more reports about this for Windows XP users. So we can safely assume
that this was not just a corner case problem for a broken setup of the Original
Reporter but that it is a real problem.

I'll add a reversion of the commit mentioned for 2.2.3.

Patch is included in gpg4win now with a comment that it should be obsolete with
newer mingw versions.