perl-modperl mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From demerphq <>
Subject Re: random token re-used in subsequent requests
Date Tue, 17 May 2016 18:26:19 GMT
On 17 May 2016 at 20:23, demerphq <> wrote:
> On 16 May 2016 at 20:03, Bruce  Johnson <> wrote:
>>> On May 16, 2016, at 10:15 AM, André Warnier (tomcat) <> wrote:
>>> join "", map +(0..9,"a".."z","A".."Z")[rand(10+26*2)], 1..32 ;
>>> looks at first sight to me like quite inefficient and probably likely to generate
the same string regularly, even if it does not look that way.
>>> (The only variable there is rand(), and it can only return values between 0 and
>> The  function is meant to map a random element from the 62-element-long  array (0..9,"a".."z","A".."Z”)
(hence a rand() call to generate a number from 0 and 62), 32 times, and join them into a string.
>> Although I think that should really be rand(9+26*2) to properly generate array indices
for the entire array and no more. With a number between 0 and 62 (63 numbers) and a 62-element
array, you’ll be retrieving nulls from the array 1/62 calls,  but all that means is that
the string is one char shorter for each time '62’ comes up...
>> So long as rand is properly seeded, you should not get repeats, at least not frequently
enough to ever notice, I’d think.
>> This is textbook Perl, as in I’m pretty sure it’s out of one of Larry Wall’s
books; I use it to generate random strings for cookies.
>> If it’s properly seeded in the original code, it should either work or not work
on all five servers. Not working on one out of the five makes me think maybe there’s some
sort of weird caching issue.
> Or for some reason one of the servers goes through a code path where
> it calls srand/rand prefork.
> An unfortunate side effect of the rules of srand in perl is that if
> you fork without calling rand each child process will have their own
> seed. if you rand before fork then all the children will have their
> own seed.

Sorry, that should read "if you rand before fork then all the children

I personally consider this a bug in Perl, but I doubt it will get fixed.


perl -Mre=debug -e "/just|another|perl|hacker/"

View raw message