Bug 53050 - org.apache.catalina.session.ManagerBase has issues with update the seed (initialized to System.currentTimeMillis()), since only the 32 least significant bits are changed by the XOR.
Summary: org.apache.catalina.session.ManagerBase has issues with update the seed (init...
Status: RESOLVED FIXED
Alias: None
Product: Tomcat 5
Classification: Unclassified
Component: Catalina (show other bugs)
Version: 5.5.35
Hardware: PC Windows Vista
: P2 normal (vote)
Target Milestone: ---
Assignee: Tomcat Developers Mailing List
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2012-04-09 18:08 UTC by Andras Rozsa
Modified: 2012-10-01 08:35 UTC (History)
1 user (show)



Attachments
2012-06-05_tc6_53050_ManagerBase.patch (1.36 KB, patch)
2012-06-05 20:42 UTC, Konstantin Kolinko
Details | Diff
2012-06-05_tc55_53050_ManagerBase.patch (1.43 KB, patch)
2012-06-05 20:43 UTC, Konstantin Kolinko
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Andras Rozsa 2012-04-09 18:08:03 UTC
Line 563: long seed = System.currentTimeMillis();
...
Line 567: long update = ((byte) entropy[i]) << ((i % 8) * 8);
Line 568: seed ^= update;

The byte-cast in Line 567 should be replaced by a long-cast.

With the byte-cast of entropy[i] the long update becomes a 32-bit int, so the 32 most significant bits of the seed will not be updated by the XOR in Line 568.
Comment 1 Christopher Schultz 2012-04-10 17:44:44 UTC
For reference, a short discussion on the dev list:
http://markmail.org/thread/r7kvsx3epauzw5qq
Comment 2 Konstantin Kolinko 2012-06-05 20:42:41 UTC
Created attachment 28894 [details]
2012-06-05_tc6_53050_ManagerBase.patch

Patch to be proposed for Tomcat 6.0
Comment 3 Konstantin Kolinko 2012-06-05 20:43:09 UTC
Created attachment 28895 [details]
2012-06-05_tc55_53050_ManagerBase.patch

Patch to be proposed for Tomcat 5.5
Comment 4 Konstantin Kolinko 2012-06-05 20:57:01 UTC
Proposed for 6.0 and 5.5.
Comment 5 Konstantin Kolinko 2012-06-23 11:56:08 UTC
Fixed in 6.0 with r1353112 and will be in 6.0.36.

I am reassigning this issue from 6.0.24 to 5.5.
Comment 6 Mark Thomas 2012-10-01 08:35:29 UTC
This was fixed some time ago in 5.5.x (r1359751) and will be included in 5.5.36 onwards.