Fix issue detected by static analysis tool

Use of pseudorandom number generator 'rand' at key-proc.c:45 & atom.c:50
It's bad to use this function for crypto purposes.

Change-Id: I553401a0c341a547dfe779a270b51da8d6aa3d80

diff --git a/bench/key-proc.c b/bench/key-proc.c
index 13f1b55..b8e99dd 100644 (file)
--- a/bench/key-proc.c
+++ b/bench/key-proc.c
@@ -38,11 +38,10 @@ bench_key_proc(struct xkb_state *state)
     xkb_keycode_t keycode;
     xkb_keysym_t keysym;
     int i;
-
-    srand((unsigned) time(NULL));
+    unsigned int seed = (unsigned int)time(NULL);
 
     for (i = 0; i < BENCHMARK_ITERATIONS; i++) {
-        keycode = (rand() % (255 - 9)) + 9;
+        keycode = (rand_r(&seed) % (255 - 9)) + 9;
         if (keys[keycode]) {
             xkb_state_update_key(state, keycode, XKB_KEY_UP);
             keys[keycode] = 0;

diff --git a/test/atom.c b/test/atom.c
index d42d451..f62a6b9 100644 (file)
--- a/test/atom.c
+++ b/test/atom.c
@@ -44,17 +44,16 @@ random_string(char **str_out, size_t *len_out)
 
     size_t len;
     char *str;
+    unsigned int seed = (unsigned int)time(NULL);
 
-    srand((unsigned) time(NULL));
-
-    len = rand() % 15;
+    len = rand_r(&seed) % 15;
     str = malloc(len + 1);
     assert(str);
 
     for (size_t i = 0; i < len; i++)
-        str[i] = random_chars[rand() % ARRAY_SIZE(random_chars)];
+        str[i] = random_chars[rand_r(&seed) % ARRAY_SIZE(random_chars)];
     /* Don't always terminate it; should work without. */
-    if (rand() % 2 == 0)
+    if (rand_r(&seed) % 2 == 0)
         str[len] = '\0';
 
     *str_out = str;
@@ -82,7 +81,7 @@ test_random_strings(void)
     unsigned seed = (unsigned) clock();
     srand(seed);
 
-    N = 1 + rand() % 100000;
+    N = 1 + rand_r(&seed) % 100000;
     arr = calloc(N, sizeof(*arr));
     assert(arr);