Re: Entropy sources under WinXP



David Wagner wrote:


What does the interface for reading this value look like?


status = RegQueryValueEx(HKEY, LPTSTR, (NULL), DWORD type, LPBYTE result, DWORD* bytesCopied);

If bytesCopied is initially zero, it will return ERROR_MORE_DATA and bytesCopied will contain the required size. A second query can then supply a large enough buffer.

On the other hand, if the interface is:

/* Gets the size of a registry entry whose key is 'name'. */
size_t getsize(char *name);
/* Copies the named reg. entry into 'buf'. */
int readentry(char *name, char *buf);

then your objections (TOCTTOU, buffer overrun) look plausible.


Yes, and that's the problem. Well, only for values of a type that has no size limit, and Rng\Seed sadly is such a type.
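The two-call pattern discussed above, as an added example that is not part of the original thread: a reader that treats the size returned by one query only as a hint and lets the next call re-check it against the real buffer capacity, so a value that grows between calls causes a retry instead of an overrun. `mock_query` is a constructed stand-in that models the in/out size contract of RegQueryValueEx so the code runs anywhere; `read_value`, `MAX_VALUE` and the retry limit are assumptions of this example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define ERR_OK        0
#define ERR_MORE_DATA 234            /* numeric value of ERROR_MORE_DATA */
#define MAX_VALUE     (64UL * 1024)  /* assumed upper bound for this example */

/* Constructed registry value that a concurrent writer may enlarge. */
static unsigned char g_val[256];
static unsigned long g_len = 32;
static int g_grow_calls = 2;         /* value grows on the next N queries */

/* Size contract modelled on RegQueryValueEx: *cb is the buffer capacity on
   entry and the value size on return; a short buffer receives no data. */
static long mock_query(unsigned char *buf, unsigned long *cb)
{
    if (g_grow_calls > 0) { g_grow_calls--; g_len += 16; }  /* racing writer */
    if (*cb < g_len) { *cb = g_len; return ERR_MORE_DATA; }
    memcpy(buf, g_val, g_len);
    *cb = g_len;
    return ERR_OK;
}

/* Returns a malloc'd copy of the value (length in *out_len), or NULL.
   The capacity passed in is always the true allocation size, so the size
   check and the copy happen inside one call, never across two. */
unsigned char *read_value(unsigned long *out_len)
{
    unsigned long cap = 16, cb;
    unsigned char *buf = NULL;
    for (int tries = 0; tries < 8; tries++) {   /* bounded: no endless chase */
        unsigned char *p = realloc(buf, cap);
        if (!p) break;
        buf = p;
        cb = cap;
        long st = mock_query(buf, &cb);
        if (st == ERR_OK) { *out_len = cb; return buf; }
        if (st != ERR_MORE_DATA || cb > MAX_VALUE) break;
        cap = cb;                    /* hint only; the next call re-checks it */
    }
    free(buf);
    return NULL;
}

int main(void)
{
    unsigned long n = 0;
    unsigned char *v = read_value(&n);
    if (v) printf("read %lu bytes\n", n);
    free(v);
    return 0;
}
```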