SEI CERT Oracle Coding Standard for Java

Space shortcuts

Page tree

Versions Compared

Old Version 79

changes.mady.by.user Todd Nowacki

Saved on

compared with

New Version 80

changes.mady.by.user Todd Nowacki

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

This rule appears in the C Secure Coding Standard as MSC30-C. Do not use the rand() function for generating pseudorandom numbers.

This rule appears in the C++ Secure Coding Standard as

Related Guidelines

 

MSC30-

...

C. Do not use the rand() function for generating pseudorandom numbers

...

MITRE CWE

CWE ID 327, "Use of a Broken or Risky Cryptographic Algorithm"

 CERT C Secure Coding Standard

CWE ID 330, "Use of Insufficiently Random Values"

CERT C++ Secure Coding Standard

MSC30-CPP. Do not use the rand() function for generating pseudorandom numbers

 

CWE ID 332, "Insufficient Entropy in PRNG"

 

CWE ID 333, "Improper Handling of Insufficient Entropy in TRNG"

 

CWE ID 336, "Same Seed in PRNG"

 

CWE ID 337, "Predictable Seed in PRNG"

...

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="f97656c54f8d1d86-62fb231c-44ea454c-a0c2998c-3ca377dd7c6947f03a8b52e6"><ac:plain-text-body><![CDATA[

[[API 2006

https://www.securecoding.cert.org/confluence/display/java/AA.+Java+References#AA.JavaReferences-API06]] 

[Class Random

http://java.sun.com/javase/6/docs/api/java/util/Random.html]

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="4d67163a63e8c7f4-fe3b1fc8-4abf41b4-91ec93ae-119dc6a0e33cab80a6187584"><ac:plain-text-body><![CDATA[

[[API 2006

https://www.securecoding.cert.org/confluence/display/java/AA.+Java+References#AA.JavaReferences-API06]]

[Class SecureRandom

http://java.sun.com/javase/6/docs/api/java/security/SecureRandom.html]

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="a035fb334968d97c-30c69921-4d4e4328-95b79875-7be438b8823bcd1facdb818f"><ac:plain-text-body><![CDATA[

[[Find Bugs 2008

https://www.securecoding.cert.org/confluence/display/java/AA.+Java+References#AA.JavaReferences-FindBugs08]]

BC: Random objects created and used only once

]]></ac:plain-text-body></ac:structured-macro>

<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="28179b06ac7272f9-acabac6c-4af246eb-8bc39761-77f7422bd2633e839a506e38"><ac:plain-text-body><![CDATA[

[[Monsch 2006

AA. Bibliography#Monsch 06]]

 

]]></ac:plain-text-body></ac:structured-macro>

...