[tor-commits] [bridgedb/develop] Fixed the insecure pseudorandom generator for selecting captcha
phw at torproject.org
phw at torproject.org
Tue Mar 24 16:41:37 UTC 2020
commit cd10f409d91b5a9bbaaa319a196a71f1d4686612
Author: agix <columbeff at gmail.com>
Date: Tue Mar 24 15:11:08 2020 +0100
Fixed the insecure pseudorandom generator for selecting captcha
Signed-off-by: Philipp Winter <phw at nymity.ch>
---
bridgedb/captcha.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/bridgedb/captcha.py b/bridgedb/captcha.py
index 2bdf6b9..adc1c46 100644
--- a/bridgedb/captcha.py
+++ b/bridgedb/captcha.py
@@ -389,7 +389,7 @@ class GimpCaptcha(Captcha):
and a challenge string (used for checking the client's solution).
"""
try:
- imageFilename = random.choice(os.listdir(self.cacheDir))
+ imageFilename = random.SystemRandom().choice(os.listdir(self.cacheDir))
imagePath = os.path.join(self.cacheDir, imageFilename)
with open(imagePath, 'rb') as imageFile:
self.image = imageFile.read()
More information about the tor-commits
mailing list