From 5d67d731ee286a8101c8e0228946a5df272b9c1d Mon Sep 17 00:00:00 2001 From: Samuel Stokes Date: Tue, 9 Apr 2024 15:12:04 -0400 Subject: [PATCH] Use crypto/rand instead of math/rand for randomReqId --- op-node/p2p/sync.go | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/op-node/p2p/sync.go b/op-node/p2p/sync.go index e8e9d11f286f..1a25f6395ecc 100644 --- a/op-node/p2p/sync.go +++ b/op-node/p2p/sync.go @@ -3,12 +3,13 @@ package p2p import ( "bytes" "context" + "crypto/rand" "encoding/binary" "errors" "fmt" "io" + "math" "math/big" - "math/rand" "sync" "sync/atomic" "time" @@ -395,8 +396,14 @@ func (s *SyncClient) onRangeRequest(ctx context.Context, req rangeRequest) { } } - // Create shared reqId so associated peerRequests can all be cancelled by setting a single flag - randomReqId := rand.Uint64() + // Create shared randomReqId so associated peerRequests can all be cancelled by setting a single flag + bigMax := new(big.Int).SetUint64(math.MaxUint64) + randomBigInt, err := rand.Int(rand.Reader, bigMax) + if err != nil { + log.Error("failed to generate randomReqId for range request") + return + } + randomReqId := randomBigInt.Uint64() s.activeRangeRequests[randomReqId] = true // Now try to fetch lower numbers than current end, to traverse back towards the updated start.