GitLab

Similar concerns as #22919 (moved).

rand() is used to calculate the cnonce in https://searchfox.org/mozilla-esr68/rev/8a8a004bc8de67bab762f1dfcea7683ba81311ce/netwerk/protocol/http/nsHttpDigestAuth.cpp#300, which is sent to the server.

Even though it's only leaking some bits per rand() call, it might still be possible to recover the seed (e.g. with something like https://github.com/Z3Prover/z3, or maybe easier, not sure). Depending on how often srand is called this might be equivalent to a session id (per content process?). Well, the usual problems that guessing the seed of a global PRNG has.

I think we should investigate this, or just directly patch as I don't see many drawbacks of having secure random numbers here.