Our one use of tor_weak_random() is subtly wrong
In relay.c, we try to use tor_weak_random() to generate a 1/N random event using the pattern:
if ((tor_weak_random() % N) == 0)
But that's subtly wrong. Many popular libcs' versions of random() use a linear congruential generator with a modulus that's a power of two, for which the low-order bits tend to have a much shorter period than the high-order bits. So we'd probably be better off with something more like:
if (tor_weak_random() < TOR_RAND_MAX / N)
modulo rounding issues. Perhaps a tor_rand_int(long maxval) would be smarter still.
This isn't too big a problem, since if we're ever in a place where we can't tolerate not-too-random values, we shouldn't be using tor_weak_random(). Still, it's worth fixing.
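The effect described above, shown on a toy generator. This is an added example, not code from Tor or from this ticket. The names toy_weak_random(), toy_rand_int() and TOY_RAND_MAX, and the LCG constants, are assumptions standing in for a libc random() with a power-of-two modulus.

```c
#include <stdint.h>
#include <stdio.h>

#define TOY_RAND_MAX 0x7fffffffu /* constructed stand-in for TOR_RAND_MAX */

/* Toy LCG, modulus 2^31, returns its whole state. Constants are assumed
 * (the ANSI C sample ones); this is not Tor's or any particular libc's code. */
static uint32_t toy_weak_random(uint32_t *state)
{
    *state = (*state * 1103515245u + 12345u) & TOY_RAND_MAX;
    return *state;
}

/* Hypothetical helper: uniform value in [0, maxval) taken from the
 * high-order bits, rejecting the uneven tail to avoid rounding bias. */
static uint32_t toy_rand_int(uint32_t *state, uint32_t maxval)
{
    uint32_t r, divisor = (TOY_RAND_MAX + 1u) / maxval;
    do {
        r = toy_weak_random(state);
    } while (r >= divisor * maxval);
    return r / divisor;
}

/* Number of distinct gap lengths seen between consecutive 1/n events. */
static unsigned distinct_gaps(uint32_t seed, uint32_t n, int use_modulo, unsigned events)
{
    unsigned char seen[256] = {0};
    unsigned distinct = 0, gap = 0, fired = 0;
    while (fired < events) {
        int hit = use_modulo ? (toy_weak_random(&seed) % n) == 0
                             : toy_rand_int(&seed, n) == 0;
        gap++;
        if (!hit) continue;
        if (fired++ > 0) {            /* skip the partial gap before the first hit */
            unsigned g = gap < 255 ? gap : 255;
            if (!seen[g]) { seen[g] = 1; distinct++; }
        }
        gap = 0;
    }
    return distinct;
}

int main(void)
{
    printf("modulo:    %u distinct gap length(s)\n", distinct_gaps(1, 8, 1, 5000));
    printf("high bits: %u distinct gap length(s)\n", distinct_gaps(1, 8, 0, 5000));
    return 0;
}
```

With N a power of two, the modulo pattern fires on exactly every Nth call, so only one gap length ever appears; the high-bit version produces the spread of gaps a 1/N event should have.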