>in fact, the only difference between sha1 and sha256 are the number of iterations (as I
understand it anyway)
No -- SHA-1 has quite a different design from the SHA-2 family (which includes SHA-224,
SHA-256, SHA-384, and SHA-512). In fact, SHA-256/224 have fewer rounds than SHA-1. Not that
this matters to anyone except real cryptography geeks, but hey, in case you were curious.
Except, of course, that it's why the recent attacks against SHA-1 haven't generalized to SHA-2
yet (though the increased bit-length would probably protect them anyway). It is unclear to
what extent this is coincidence and to what extent it is NSA Sneakiness.
>if you ever have a hash produce its input as its output you end up in a loop where additional
iterations will always produce the same output.
True (at least for the simplest hash-based CPRNG design), but I'm pretty sure no-one has ever
found such a input/output pair, and finding one is very similar to accomplishing a preimage
attack, so I wouldn't worry about it much in practice.