authorMax Kanat-Alexander <mkanat@bugzilla.org>2011-01-24 22:43:38 +0100
committerMax Kanat-Alexander <mkanat@bugzilla.org>2011-01-24 22:43:38 +0100
commit95b919c0b6b731d16e92dd748e654cefeba0bd32 (patch)
tree254f2da4d90de25ae6700464f5e6705f8be8a98e /Bugzilla/Util.pm
parentad1e3aef99b806d7f4a5bd18aa0c8cc6102f62e6 (diff)
downloadbugzilla-95b919c0b6b731d16e92dd748e654cefeba0bd32.tar.gz
bugzilla-95b919c0b6b731d16e92dd748e654cefeba0bd32.tar.xz
Bug 619594: (CVE-2010-4568) [SECURITY] Improve the randomness of
generate_random_password, to protect against an account compromise issue and other critical vulnerabilities. r=LpSolit, a=LpSolit https://bugzilla.mozilla.org/show_bug.cgi?id=621591
Diffstat (limited to 'Bugzilla/Util.pm')
-rw-r--r--Bugzilla/Util.pm9
1 files changed, 8 insertions, 1 deletions
diff --git a/Bugzilla/Util.pm b/Bugzilla/Util.pm
index 457eb7d02..f9e8d12f7 100644
--- a/Bugzilla/Util.pm
+++ b/Bugzilla/Util.pm
@@ -54,6 +54,7 @@ use DateTime::TimeZone;
use Digest;
use Email::Address;
use List::Util qw(first);
+use Math::Random::Secure qw(irand);
use Scalar::Util qw(tainted);
use Template::Filters;
use Text::Wrap;
@@ -535,9 +536,15 @@ sub bz_crypt {
return $crypted_password;
}
+# If you want to understand the security of strings generated by this
+# function, here's a quick formula that will help you estimate:
+# We pick from 62 characters, which is close to 64, which is 2^6.
+# So 8 characters is (2^6)^8 == 2^48 combinations. Just multiply 6
+# by the number of characters you generate, and that gets you the equivalent
+# strength of the string in bits.
sub generate_random_password {
my $size = shift || 10; # default to 10 chars if nothing specified
- return join("", map{ ('0'..'9','a'..'z','A'..'Z')[rand 62] } (1..$size));
+ return join("", map{ ('0'..'9','a'..'z','A'..'Z')[irand 62] } (1..$size));
}
sub validate_email_syntax {
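Review bot: The header comment added above generate_random_password rounds 62 symbols up to 64, so its "6 bits per character" figure is an upper bound: log2(62) is about 5.95, so 8 characters give roughly 47.6 bits rather than 2^48, and the comment should say "slightly less than 6 bits per character" so nobody sizes a token on the optimistic number. It would also help to state in the same comment that the estimate only holds because the index now comes from Math::Random::Secure's irand() instead of rand(), which is the point of this change; e.g. `# Uses Math::Random::Secure::irand (not rand()) so the output is unpredictable.` Separately, `my $size = shift || 10;` turns an explicit 0 into the default length; if that is intended, a short comment there would stop it from reading as an oversight.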