From 470c63d43699cf98563d14cd5913bb17fa52fa08 Mon Sep 17 00:00:00 2001
From: Wim Taymans <wtaymans@redhat.com>
Date: Fri, 24 Apr 2026 16:21:27 +0200
Subject: [PATCH] security: log warning when falling back to weak PRNG

Cryptography: Low

When getrandom() fails, pw_random() silently falls back to rand() or
random_r() seeded from the system clock. This fallback produces
predictable output that should not be used for security-sensitive
operations like WebSocket key generation or network protocol IDs.

Add a warning log message when the fallback is triggered so that
administrators are aware of the degraded random number generation.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 src/pipewire/utils.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/pipewire/utils.c b/src/pipewire/utils.c
index 0cd878870..950fc915b 100644
--- a/src/pipewire/utils.c
+++ b/src/pipewire/utils.c
@@ -336,6 +336,7 @@ void pw_random(void *buf, size_t buflen)
 {
 	if (pw_getrandom(buf, buflen, 0) < 0) {
 		uint8_t *p = buf;
+		pw_log_warn("getrandom failed, falling back to weak PRNG");
 		while (buflen-- > 0) {
 			int32_t val;
 #ifdef HAVE_RANDOM_R