SEI CERT C++ Coding Standard

Space shortcuts

Page tree

Versions Compared

Old Version 24

changes.mady.by.user Aaron Ballman

Saved on

compared with

New Version 25

changes.mady.by.user Barbara White

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Not all random number generators can be seeded. True random number generators that rely on hardware to produce completely unpredictable results do not need to be and cannot be seeded. Some high-quality PRNGs, such as the /dev/random device on some UNIX systems, also cannot be seeded. This rule applies only to algorithmic pseudorandom number generators that can be seeded.

Noncompliant Code Example

This noncompliant code example generates a sequence of 10 pseudorandom numbers using the Mersenne Twister engine. No matter how many times this code is executed, it always produces the same sequence because the default seed is used for the engine:

Code Block
bgColor#FFCCCC
langcpp
#include <random>
#include <iostream>

void f() {
  std::mt19937 engine;
  
  for (int i = 0; i < 10; ++i) {
    std::cout << engine() << ", ";
  }
}
 
output:
1st run: 3499211612, 581869302, 3890346734, 3586334585, 545404204, 4161255391, 3922919429, 949333985, 2715962298, 1323567403, 
2nd run: 3499211612, 581869302, 3890346734, 3586334585, 545404204, 4161255391, 3922919429, 949333985, 2715962298, 1323567403, 
...
nth run: 3499211612, 581869302, 3890346734, 3586334585, 545404204, 4161255391, 3922919429, 949333985, 2715962298, 1323567403,

Compliant Solution

This compliant solution uses std::random_device to generate a random seed value to see the Mersenne Twister engine object. The values generated by std::random_device are nondeterministic random numbers when possible, relying on random number generation devices, like /dev/random. When such a device is not available, std::random_device may employ a random number engine; however, the initial value generated should have sufficient randomness to serve as a seed value.

Code Block
bgColor#ccccff
langcpp
#include <random>
#include <iostream>

void f() {
  std::random_device dev;
  std::mt19937 engine(dev());
  
  for (int i = 0; i < 10; ++i) {
    std::cout << engine() << ", ";
  }
}

output:
1st run: 3921124303, 1253168518, 1183339582, 197772533, 83186419, 2599073270, 3238222340, 101548389, 296330365, 3335314032, 
2nd run: 2392369099, 2509898672, 2135685437, 3733236524, 883966369, 2529945396, 764222328, 138530885, 4209173263, 1693483251, 
3rd run: 914243768, 2191798381, 2961426773, 3791073717, 2222867426, 1092675429, 2202201605, 850375565, 3622398137, 422940882,
...

Risk Assessment

Rule

Severity

Likelihood

Remediation Cost

Priority

Level

MSC32-CPP

Medium

Likely

Low

P18

L1

Automated Detection

Tool

Version

Checker

Description

    

Related Vulnerabilities

Search for vulnerabilities resulting from the violation of this rule on the CERT website.

Related Guidelines

CERT C Coding StandardMSC32-C. Properly seed pseudorandom number generators
MITRE CWECWE-327, Use of a Broken or Risky Cryptographic Algorithm
CWE-330, Use of Insufficiently Random Values

Bibliography

[ISO/IEC 14882-2014]26.5, "Random Number Generation"
[ISO/IEC 9899:2011]7.22.2, "Pseudo-random Sequence Generation Functions"

...