Can I use the argc address as a random source?

I want to create a program that requires only one random number, so I tried to use the argc address in the main function as a random source, because I think the location of the program in memory is random, and it can also save some include instructions, so I tried:

    #include <stdio.h>

    int main(int argc, const char* argv[]) {
        printf("%lu\n", (unsigned long int)&argv / sizeof(unsigned long int));
        return 0;
    }

but I found that the output at each point in time is not very "random": they are all multiples of 4:

    17591828907268
    17591841542404
    17591845040388
    17591834556676

What is the reason? And does the argc address use a random number?

Then I try to remove some bits of the address:

    #include <stdio.h>

    int main(int argc, const char* argv[]) {
        printf("%lu\n", (unsigned long int)&argv >> 12);
        return 0;
    }

this time it looks pretty random, at least it has both odd and even numbers:

    34359070631
    34359034616
    34359078055
    34359080624

Is this the "right" way to turn the argc address into a random number?

+5
3 answers

What is the reason?

The alignment requirement for int on your architecture, which I assume is x86, is 4 bytes, which means that each int should be aligned to an address that is divisible by 4 (this is exactly the behavior you see).

And is the argc address used as a random number?

Possible? Yes, of course. You just go ahead and do it.

Is that a good idea? No, definitely not. See below why.

Is this the "right" way to turn the argc address into a random number?

I assume that by "right" you mean a good source of entropy, and the answer is no.

In modern operating systems, there is some degree of address space layout randomization, but it is not meant to be a good source of entropy. It is just meant to make it harder for someone to use a bug in your program as a security exploit. And really there are no guarantees regarding ASLR (you can disable it on some operating systems if you really want to).

In short, you should not use the address of a variable as a source for entropy. This is simply not a good source of chance.

+3
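
To see how much of such a value actually changes between runs, the following added example (not code from the question or the answers) takes the eight outputs quoted in the question and computes which bit positions ever differed. The function names are made up for illustration, and four samples per program only show which bits moved in these runs, not a measured entropy.

```c
#include <inttypes.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Outputs quoted in the question: first program (&argv / sizeof(unsigned long)). */
static const uint64_t DIV_SAMPLES[] = {
    17591828907268ULL, 17591841542404ULL, 17591845040388ULL, 17591834556676ULL};
/* Outputs quoted in the question: second program (&argv >> 12). */
static const uint64_t SHIFT_SAMPLES[] = {
    34359070631ULL, 34359034616ULL, 34359078055ULL, 34359080624ULL};

/* Mask of the bit positions that differed in at least one sample. */
uint64_t varying_bits(const uint64_t *v, size_t n) {
    uint64_t mask = 0;
    for (size_t i = 1; i < n; i++)
        mask |= v[0] ^ v[i];
    return mask;
}

/* Number of set bits (Kernighan's loop, no compiler builtins needed). */
int popcount64(uint64_t x) {
    int count = 0;
    for (; x != 0; x &= x - 1)
        count++;
    return count;
}

/* Position of the highest set bit plus one, i.e. how wide the value is. */
int bit_width(uint64_t x) {
    int width = 0;
    for (; x != 0; x >>= 1)
        width++;
    return width;
}

static void report(const char *label, const uint64_t *v, size_t n) {
    uint64_t mask = varying_bits(v, n);
    printf("%-9s %2d-bit values, %2d bits changed, mask 0x%" PRIx64 "\n",
           label, bit_width(v[0]), popcount64(mask), mask);
}

int main(void) {
    report("divided:", DIV_SAMPLES, 4);
    report("shifted:", SHIFT_SAMPLES, 4);
    return 0;
}
```

On these samples 14 of 44 bits changed in the first set and 13 of 35 in the second; the low 10 bits of the first set and the high 19 bits of both sets were identical in every run.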

If you really need randomness, you should use one of the following options:

+1

It is a multiple of 4, because the function addresses will be aligned according to the words on each platform that I know about (I assume it is x86 or x86_64?)

The argc address may be "random" for some sense of the word, since you probably won't know what it is, so if you use it to seed the initial conditions for the game or whatever it probably works; definitely don't rely on it if you use it for cryptography or something else - an attacker can influence where argc boots up.

However, your C library comes with completely functional rand() and srand() functions, which, as a bonus, allow you to intentionally seed it with a specific value, which can be very useful when debugging; I stick to this when I need random numbers, personally.

0

Source: https://habr.com/ru/post/1240311/

