From 6df61b72c999e4a2e4bc753dcfb4ef06b1d10224 Mon Sep 17 00:00:00 2001 From: "duna.oh" Date: Wed, 4 Oct 2023 15:16:45 +0900 Subject: [PATCH] Fix issue detected by static analysis tool Use of pseudorandom number generator 'rand' at key-proc.c:45 & atom.c:50 It's bad to use this function for crypto purposes. Change-Id: I553401a0c341a547dfe779a270b51da8d6aa3d80 --- bench/key-proc.c | 5 ++--- test/atom.c | 11 +++++------ 2 files changed, 7 insertions(+), 9 deletions(-) diff --git a/bench/key-proc.c b/bench/key-proc.c index 13f1b55..b8e99dd 100644 --- a/bench/key-proc.c +++ b/bench/key-proc.c @@ -38,11 +38,10 @@ bench_key_proc(struct xkb_state *state) xkb_keycode_t keycode; xkb_keysym_t keysym; int i; - - srand((unsigned) time(NULL)); + unsigned int seed = (unsigned int)time(NULL); for (i = 0; i < BENCHMARK_ITERATIONS; i++) { - keycode = (rand() % (255 - 9)) + 9; + keycode = (rand_r(&seed) % (255 - 9)) + 9; if (keys[keycode]) { xkb_state_update_key(state, keycode, XKB_KEY_UP); keys[keycode] = 0; diff --git a/test/atom.c b/test/atom.c index d42d451..f62a6b9 100644 --- a/test/atom.c +++ b/test/atom.c @@ -44,17 +44,16 @@ random_string(char **str_out, size_t *len_out) size_t len; char *str; + unsigned int seed = (unsigned int)time(NULL); - srand((unsigned) time(NULL)); - - len = rand() % 15; + len = rand_r(&seed) % 15; str = malloc(len + 1); assert(str); for (size_t i = 0; i < len; i++) - str[i] = random_chars[rand() % ARRAY_SIZE(random_chars)]; + str[i] = random_chars[rand_r(&seed) % ARRAY_SIZE(random_chars)]; /* Don't always terminate it; should work without. */ - if (rand() % 2 == 0) + if (rand_r(&seed) % 2 == 0) str[len] = '\0'; *str_out = str; @@ -82,7 +81,7 @@ test_random_strings(void) unsigned seed = (unsigned) clock(); srand(seed); - N = 1 + rand() % 100000; + N = 1 + rand_r(&seed) % 100000; arr = calloc(N, sizeof(*arr)); assert(arr); -- 2.7.4