From 33b684e0194930ff072cf812b37c191637261dbe Mon Sep 17 00:00:00 2001
From: Florian Weimer <fweimer@redhat.com>
Date: Mon, 20 Jan 2025 21:06:43 +0100
Subject: [PATCH] stdlib: Fix unintended change to the random_r implementation

Commit d5bceac99d24af1131b90027dab267e437b65cd1 changed the sequence
of random numbers.  This was completely unintended.  The statistical
properties of the new sequences are unclear, so restore the old
behavior.

Fixes commit d5bceac99d24af1131b90027dab267e437b65cd1 ("stdlib:
random_r: fix unaligned access in initstate and initstate_r
[BZ #30584]").

Reviewed-by: Noah Goldstein <goldstein.w.n@gmail.com>
---
 stdlib/random_r.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/stdlib/random_r.c b/stdlib/random_r.c
index 605e96983c..b49f03f5be 100644
--- a/stdlib/random_r.c
+++ b/stdlib/random_r.c
@@ -390,9 +390,10 @@ __random_r (struct random_data *buf, int32_t *result)
       int32_t *end_ptr = buf->end_ptr;
       uint32_t val;
 
-      val = read_state (rptr, 0);
-      int32_t t = read_state (fptr, 0);
-      write_state (fptr, 0, t + val);
+      /* Avoid integer overflow with uint32_t arihmetic.  */
+      val = read_state (fptr, 0);
+      val += read_state (rptr, 0);
+      write_state (fptr, 0, val);
       /* Chucking least random bit.  */
       *result = val >> 1;
       ++fptr;