Use constant size generic parameter for random bytes generation #1912

Closed
opened 2026-04-06 02:39:30 +02:00 by MrUnknownDE · 0 comments
Owner

Originally created by @samueltardieu on 11/11/2022

All uses of `get_random()` were in the form of:

`&get_random(vec![0u8; SIZE])`

with `SIZE` being a constant.

Building a `Vec` is unnecessary for two reasons. First, it uses a very short-lived dynamic memory allocation. Second, a `Vec` is a resizable object, which is useless in those contexts when random data have a fixed size and will only be read.

`get_random_bytes()` takes a constant as a generic parameter and returns an array with the requested number of random bytes.

Stack safety analysis: the random bytes will be allocated on the caller stack for a very short time (until the encoding function has been called on the data). In some cases, the random bytes take less room than the `Vec` did (a `Vec` is 24 bytes on a 64-bit computer). The maximum used size is 180 bytes, which makes it 0.008% of the default stack size for a Rust thread (2MiB), so this is a non-issue.

Also, most of the uses of those random bytes are to encode them using an `Encoding`. The function `crypto::encode_random_bytes()` generates random bytes and encodes them with the provided `Encoding`, leading to code deduplication.

`generate_id()` has also been converted to use a constant generic parameter as well, since the length of the requested `String` is always a constant.

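The shape of the change described above, written out as an added example that is not vaultwarden's own code. It puts the old `Vec`-based `get_random()` beside a const-generic `get_random_bytes::<N>()`, an `encode_random_bytes::<N>()` that encodes straight from the stack array, and a `generate_id::<N>()` built on top of it. The `FillRandom` trait, the `OsRandom` source (which reads `/dev/urandom`, so it assumes a Unix-like host), the `Counter` source used to make results reproducible, and the two-variant `Encoding` enum with its inline hex and base64 encoders are all assumptions made for this example; vaultwarden's real `Encoding` type and random source are not reproduced here.

```rust
use std::fs::File;
use std::io::{self, Read};
use std::mem::size_of;

/// Anything that can fill a buffer with bytes (assumed trait, not the project's API).
pub trait FillRandom {
    fn fill(&mut self, buf: &mut [u8]) -> io::Result<()>;
}

/// Operating-system randomness; assumes a Unix-like host exposing /dev/urandom.
pub struct OsRandom;

impl FillRandom for OsRandom {
    fn fill(&mut self, buf: &mut [u8]) -> io::Result<()> {
        File::open("/dev/urandom")?.read_exact(buf)
    }
}

/// Deterministic source (0, 1, 2, ...) so the example's outputs can be checked; never use as a CSPRNG.
pub struct Counter(pub u8);

impl FillRandom for Counter {
    fn fill(&mut self, buf: &mut [u8]) -> io::Result<()> {
        for b in buf.iter_mut() {
            *b = self.0;
            self.0 = self.0.wrapping_add(1);
        }
        Ok(())
    }
}

/// Old shape: the caller builds a heap-allocated, resizable Vec just to have it filled once.
pub fn get_random(rng: &mut dyn FillRandom, mut buf: Vec<u8>) -> Vec<u8> {
    rng.fill(&mut buf).expect("random source failed");
    buf
}

/// New shape: the length is a const generic, so the bytes live in a fixed-size array
/// on the caller's stack and no allocation happens.
pub fn get_random_bytes<const N: usize>(rng: &mut dyn FillRandom) -> [u8; N] {
    let mut buf = [0u8; N];
    rng.fill(&mut buf).expect("random source failed");
    buf
}

/// Minimal stand-in for an encoding type (assumed; the real project's type is not shown here).
pub enum Encoding {
    HexLower,
    Base64,
}

impl Encoding {
    pub fn encode(&self, data: &[u8]) -> String {
        match self {
            Encoding::HexLower => data.iter().map(|b| format!("{:02x}", b)).collect(),
            Encoding::Base64 => base64_encode(data),
        }
    }
}

/// Standard base64 with '=' padding, implemented inline to keep the example dependency-free.
fn base64_encode(data: &[u8]) -> String {
    const ALPHABET: &[u8; 64] =
        b"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
    let mut out = String::with_capacity((data.len() + 2) / 3 * 4);
    for chunk in data.chunks(3) {
        let b0 = chunk[0] as u32;
        let b1 = chunk.get(1).copied().unwrap_or(0) as u32;
        let b2 = chunk.get(2).copied().unwrap_or(0) as u32;
        let n = (b0 << 16) | (b1 << 8) | b2;
        out.push(ALPHABET[((n >> 18) & 63) as usize] as char);
        out.push(ALPHABET[((n >> 12) & 63) as usize] as char);
        out.push(if chunk.len() > 1 { ALPHABET[((n >> 6) & 63) as usize] as char } else { '=' });
        out.push(if chunk.len() > 2 { ALPHABET[(n & 63) as usize] as char } else { '=' });
    }
    out
}

/// Draw N random bytes and encode them in one call: the deduplicated helper the text describes.
pub fn encode_random_bytes<const N: usize>(rng: &mut dyn FillRandom, enc: Encoding) -> String {
    enc.encode(&get_random_bytes::<N>(rng))
}

/// Fixed-length identifier; here N random bytes rendered as lower-case hex (assumed encoding).
pub fn generate_id<const N: usize>(rng: &mut dyn FillRandom) -> String {
    encode_random_bytes::<N>(rng, Encoding::HexLower)
}

/// Sizes behind the stack-safety argument: a Vec header is three words, an array is exactly N bytes.
pub fn vec_header_size() -> usize { size_of::<Vec<u8>>() }
pub fn array_size_180() -> usize { size_of::<[u8; 180]>() }

fn main() {
    let mut os = OsRandom;
    let old = get_random(&mut os, vec![0u8; 16]);
    let new: [u8; 16] = get_random_bytes::<16>(&mut os);
    println!("old (Vec):   {} bytes, header {} bytes", old.len(), vec_header_size());
    println!("new (array): {} bytes on the stack", new.len());
    println!("token: {}", encode_random_bytes::<24>(&mut os, Encoding::Base64));
    println!("id:    {}", generate_id::<8>(&mut os));
}
```

`generate_id::<8>` produces a 16-character string because each byte becomes two hex digits; that is why the requested length can be a compile-time constant on the byte count rather than on the string. On a 64-bit target `vec_header_size()` is 24, matching the figure in the description, while a 180-byte array is exactly 180 bytes.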

Reference: github/vaultwarden#1912