SEI CERT C Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 15

changes.mady.by.user Robert Seacord

Saved on

compared with

New Version 16

changes.mady.by.user Robert Seacord

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Pseudo random number generators use mathematical algorithms to produce a sequence of numbers with good statistical properties, but the numbers produced are not genuinely random.

The C Standard function rand (available in stdlib.h) does not have good random number properties. The numbers generated by rand have a comparatively short cycle, and the numbers may be predictable. To achieve the best random numbers possible, an implementation-specific function needs to must be used.

Non-Compliant Code Example

The following code generates an ID with a numeric part produced by calling the rand() function. The IDs produced will be are predictable and have limited randomness.

...

Code Block
bgColor#ccccff
enum {len = 12};
char id[len];  /* id will hold the ID, starting with the characters "ID" */
               /* followed by a random integer */
int r;
int num;
/* ... */
srandom(time(0));  /* seed the PRNG with the current time */
/* ... */
r = random();  /* generate a random integer */
num = snprintf(id, len, "ID%-d", r);  /* generate the ID */
/* ... */

The example then uses the BSD function However, the random() function and uses time(0) as seed. With a trivial seed like time(0), however, the results from rand() or random() are equally also predictable.

Compliant Solution (

...

Linux)

To generate an unpredictable number, use an unpredictable seed and a cryptographically strong mixing function. On Unix systems, for example, decent results can be obtained by reading /dev/urandom, which will not block the application.

When unpredictability really matters (session IDs and crypto keys) use a cryptographical library and seed it with data that are read from /dev/random.

The rand48 family of functions provides another alternative.Note. These pseudo random number generators use mathematical algorithms to produce a sequence of numbers with good statistical properties, but the numbers produced are not genuinely random. For additional randomness, Linux users can use the character devices /dev/random or /dev/urandom, but it is advisable to retrieve only a small number of characters from these devices. (The device /dev/random may block for a long time if there are not enough events going on to generate sufficient randomness; /dev/urandom does not block.)

The rand48 family of functions provides another alternative.

Risk Assessment

Using the rand() function leads to possibly predictable random numbers.

...