gitlab.flawfinder.drand48-1.erand48-1.jrand48-1.lcong48-1.lrand48-1.mrand48-1.nrand48-1.random-1.seed48-1.setstate-1.srand-1.strfry-1.srandom-1.g_rand_boolean-1.g_rand_int-1.g_rand_int_range-1.g_rand_double-1.g_rand_double_range-1.g_random_boolean-1.g_random_int-1.g_random_int_range-1.g_random_double-1.g_random_double_range-1
Use a more secure technique for acquiring random values.
Definition
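# Semgrep rule for C, built from a Flawfinder function list (see the
# flawfinder_func_name identifiers below). It reports every call to the
# listed libc and GLib pseudo-random functions.
#
# Why a finding matters: these generators are deterministic and not designed
# to resist prediction. The *rand48 family is a 48-bit linear congruential
# generator and GLib's g_rand_*/g_random_* use the Mersenne Twister; output
# or seed knowledge lets later values be reconstructed. srand, srandom,
# seed48, lcong48 and setstate are flagged because they seed or configure
# such a generator.
#
# Triage: a hit is a security issue only when the value feeds something an
# attacker must not guess (keys, nonces, IVs, salts, session or reset tokens,
# temporary file names). Simulation, jitter or test-data use is usually
# benign. For security-relevant values use the platform CSPRNG instead, e.g.
# getrandom(2), getentropy(3), arc4random(3), or the RNG of the crypto
# library already in use.
#
# Coverage notes:
#   - rand(...) is not in the pattern list (only srand is); cover it with a
#     separate rule if it must be reported.
#   - Patterns match by call name only, so a project-local function named
#     random(...) is reported as well.
#
# NOTE(review): nesting was reconstructed from a listing that had lost its
# indentation; `license` is placed under `metadata` - confirm against the
# upstream rule file.
rules:
- id: flawfinder.drand48-1.erand48-1.jrand48-1.lcong48-1.lrand48-1.mrand48-1.nrand48-1.random-1.seed48-1.setstate-1.srand-1.strfry-1.srandom-1.g_rand_boolean-1.g_rand_int-1.g_rand_int_range-1.g_rand_double-1.g_rand_double_range-1.g_random_boolean-1.g_random_int-1.g_random_int_range-1.g_random_double-1.g_random_double_range-1
  languages:
  - c
  message: |
    Use a more secure technique for acquiring random values.
  metadata:
    # Kept as published. CWE-338 (Use of Cryptographically Weak PRNG) is the
    # more specific classification for this weakness.
    cwe: "CWE-327: This function is not sufficiently random for security-related
      functions such as key and nonce creation (CWE-327)"
    primary_identifier: flawfinder.drand48-1.erand48-1.jrand48-1.lcong48-1.lrand48-1.mrand48-1.nrand48-1.random-1.seed48-1.setstate-1.srand-1.strfry-1.srandom-1.g_rand_boolean-1.g_rand_int-1.g_rand_int_range-1.g_rand_double-1.g_rand_double_range-1.g_random_boolean-1.g_random_int-1.g_random_int_range-1.g_random_double-1.g_random_double_range-1
    # One identifier per flagged function name.
    secondary_identifiers:
    - name: Flawfinder - drand48
      type: flawfinder_func_name
      value: drand48
    - name: Flawfinder - erand48
      type: flawfinder_func_name
      value: erand48
    - name: Flawfinder - jrand48
      type: flawfinder_func_name
      value: jrand48
    - name: Flawfinder - lcong48
      type: flawfinder_func_name
      value: lcong48
    - name: Flawfinder - lrand48
      type: flawfinder_func_name
      value: lrand48
    - name: Flawfinder - mrand48
      type: flawfinder_func_name
      value: mrand48
    - name: Flawfinder - nrand48
      type: flawfinder_func_name
      value: nrand48
    - name: Flawfinder - random
      type: flawfinder_func_name
      value: random
    - name: Flawfinder - seed48
      type: flawfinder_func_name
      value: seed48
    - name: Flawfinder - setstate
      type: flawfinder_func_name
      value: setstate
    - name: Flawfinder - srand
      type: flawfinder_func_name
      value: srand
    - name: Flawfinder - strfry
      type: flawfinder_func_name
      value: strfry
    - name: Flawfinder - srandom
      type: flawfinder_func_name
      value: srandom
    - name: Flawfinder - g_rand_boolean
      type: flawfinder_func_name
      value: g_rand_boolean
    - name: Flawfinder - g_rand_int
      type: flawfinder_func_name
      value: g_rand_int
    - name: Flawfinder - g_rand_int_range
      type: flawfinder_func_name
      value: g_rand_int_range
    - name: Flawfinder - g_rand_double
      type: flawfinder_func_name
      value: g_rand_double
    - name: Flawfinder - g_rand_double_range
      type: flawfinder_func_name
      value: g_rand_double_range
    - name: Flawfinder - g_random_boolean
      type: flawfinder_func_name
      value: g_random_boolean
    - name: Flawfinder - g_random_int
      type: flawfinder_func_name
      value: g_random_int
    - name: Flawfinder - g_random_int_range
      type: flawfinder_func_name
      value: g_random_int_range
    - name: Flawfinder - g_random_double
      type: flawfinder_func_name
      value: g_random_double
    - name: Flawfinder - g_random_double_range
      type: flawfinder_func_name
      value: g_random_double_range
    license: MIT
  # Any single alternative below is enough to report a finding.
  pattern-either:
  # rand48 family and other libc generators / seeding functions.
  - pattern: drand48(...)
  - pattern: erand48(...)
  - pattern: jrand48(...)
  - pattern: lcong48(...)
  - pattern: lrand48(...)
  - pattern: mrand48(...)
  - pattern: nrand48(...)
  - pattern: random(...)
  - pattern: seed48(...)
  - pattern: setstate(...)
  - pattern: srand(...)
  - pattern: strfry(...)
  - pattern: srandom(...)
  # GLib generators, both explicit-state (g_rand_*) and global (g_random_*).
  - pattern: g_rand_boolean(...)
  - pattern: g_rand_int(...)
  - pattern: g_rand_int_range(...)
  - pattern: g_rand_double(...)
  - pattern: g_rand_double_range(...)
  - pattern: g_random_boolean(...)
  - pattern: g_random_int(...)
  - pattern: g_random_int_range(...)
  - pattern: g_random_double(...)
  - pattern: g_random_double_range(...)
  # Text-level match for seed48/lcong48 written after a type keyword and an
  # optional '*', followed by a parenthesised list and ';' on the same line
  # (the shape of a declaration). Single-quoted so the backslashes stay
  # literal.
  - pattern-regex: '(long|short|double|int|float|void)\s(\*|)(\s|)(seed48|lcong48)(\(.*\))\;'
  severity: WARNING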
Short Link: https://sg.run/grno