A milestone - the first TESTFRAME capture

[Hal Murray]

esr at thyrsus.com said:
>>> I think I've worked out a way not to have to capture random-number calls. 
> Simple. If I record events for every place that *uses* the RNG with whatever
> value it extracted, I don't have to track every single RNG call.

I think that only works in a few special cases.  For example, ntp_gettime 
uses random to fuzz the bottom bits so you don't need to intercept that 
randomness if you are intercepting ntp_gettime.

Here is an example where you can't intercept where it is used:

Yesterday, I fixed a couple of coverity complaints about using rand(), so I 
learned a bit about that code.  It is randomizing the order of returning 
named slots in a clump of data.   (The idea was to force clients to process 
the answer in any order so ntpd wouldn't get stuck with preserving the order 
if that code area ever changed.)

I don't see how you can preserve the content of the packets that routine is 
constructing without feeding it the same randomness to work with.


-- 
These are my opinions.  I hate spam.